A year ago I followed the How-To "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Mandriva 2008.1)". It has worked perfect for a year .... I'm sure you know where this is going. The default IMAP and POP3 certs that are generated with the Courier URPMI install/startup have expired, generating errors to the users. I looked through the forum and found some references to the problem in other distro how-to's, but the pem files mentioned that need to be replaced I can't even find with locate. I did find the scripts mkimapdcert and mkpop3cert, and updated the 365 day references and tried to rerun this scripts but received an error. Any ideas on how to update the tls/ssl certs for courier in this Mandriva distro?
Yes-- did a locate cnf, I get: locate cnf /etc/my.cnf /etc/pki/tls/openssl.cnf /usr/share/doc/mysql-common/my-huge.cnf /usr/share/doc/mysql-common/my-innodb-heavy-4G.cnf /usr/share/doc/mysql-common/my-large.cnf /usr/share/doc/mysql-common/my-medium.cnf /usr/share/doc/mysql-common/my-small.cnf /usr/share/mysql/my-huge.cnf /usr/share/mysql/my-innodb-heavy-4G.cnf /usr/share/mysql/my-large.cnf /usr/share/mysql/my-medium.cnf /usr/share/mysql/my-small.cnf /usr/share/webmin/acl/openssl.cnf /usr/share/webmin/blue-theme/mysql/images/cnf.gif /usr/share/webmin/mysql/edit_cnf.cgi /usr/share/webmin/mysql/save_cnf.cgi /usr/share/webmin/mysql/help/cnf.ca.html /usr/share/webmin/mysql/help/cnf.html /usr/share/webmin/mysql/help/cnf.it.html /usr/share/webmin/mysql/images/cnf.gif /usr/share/webmin/openvpn/openvpn-ssl.cnf Notice no imapd.cnf. And if I try to run /usr/sbin/mkimapdcert I get-- error on line -1 of /etc/courier/imapd.cnf 29833:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/courier/imapd.cnf','rb') since the expected file doesn't exist. Mandriva Courier RPM must be the problem, maybe they changed the name of the file or something.
I guess you need to create that file manually. Try something like this in it: Code: RANDFILE = /usr/lib/courier/imapd.rand [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] C=US ST=NY L=New York O=Courier Mail Server OU=Automatically-generated IMAP SSL key CN=localhost [email protected] [ cert_type ] nsCertType = server