Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: sotero on March 16, 2021, 03:00:01 pm
-
Hi all,
Since I've upgraded to Zentyal 7, all clients that try to connect using IMAPs provide the same error on the mail.log
dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load DH parameters: error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=someIP, lip=someIP
I've tried to add ssl_dh = </usr/share/dovecot/dh.pem to my 10-ssl.conf file, but that didn't help.
Anone else having this issue?
Marcio
-
SOLVED:
Add the line:
ssl_dh = </etc/dovecot/dh.pem
to the file /etc/dovecot/dovecot.conf ->> don't forget that on zentyal, you have to add it on the stub /etc/zentyal/stubs/mail/dovecot.conf.mas
then run:
openssl dhparam -out /etc/dovecot/dh.pem 4096
will take a while (15 min minimum)
Restart dovecot, and everything will work.