[Dovecot] DSA support for TLS?

Timo Sirainen tss at iki.fi
Sun Sep 18 18:57:06 EEST 2005


On Sun, 2005-09-11 at 12:52 -0700, OpenMacNews wrote:
> 	dovecot: Sep 11 11:58:43 Error: imap-login: Can't load private key file 
> /var/Security/mail.testdomain.com.privkey.dsa.pem: error:0607907F:digital 
> envelope routines:EVP_PKEY_get1_RSA:expecting an rsa key

Well, I'm not sure why so many other programs seem to want to require
RSA private keys (where I looked at examples how to use OpenSSL), but I
think this patch fixes it (committing to CVS too):

Index: src/login-common/ssl-proxy-openssl.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/ssl-proxy-openssl.c,v
retrieving revision 1.28
diff -u -r1.28 ssl-proxy-openssl.c
--- src/login-common/ssl-proxy-openssl.c	18 Sep 2005 14:43:10 -0000	1.28
+++ src/login-common/ssl-proxy-openssl.c	18 Sep 2005 15:55:35 -0000
@@ -487,8 +487,8 @@
 			certfile, ssl_last_error());
 	}
 
-	if (SSL_CTX_use_RSAPrivateKey_file(ssl_ctx, keyfile,
-					   SSL_FILETYPE_PEM) != 1) {
+	if (SSL_CTX_use_PrivateKey_file(ssl_ctx, keyfile,
+					SSL_FILETYPE_PEM) != 1) {
 		i_fatal("Can't load private key file %s: %s",
 			keyfile, ssl_last_error());
 	}

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20050918/3b984771/attachment.pgp


More information about the dovecot mailing list