On Mon, 2012-05-14 at 17:51 +0200, Christian Rößner wrote:
> Unfortunately I already tested this (and also once again after your
> answer). Changed the setting, stopped dovecot and restarted it. After
> that doing doveadm quota get -A stalls.
>
> What I do not understand is that I cannot see any connection attempts
> to the LDAP servers. If it had problems with the certificates I would
> expect to see the connection and then a failure in the starttls
> process.
>
> I also did chmod o+rx to the folder /etc/ssl/private and also to the
> private key. So I think it has nothing to do with the privileges of
> the certificates, does it?

I don't know how OpenLDAP works internally. Does it still log about
ldap_start_tls_s() failing? Try if increasing OpenLDAP's logging in
dovecot-ldap.conf.ext works:

# LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h.
# -1 = everything. You may need to recompile OpenLDAP with debugging enabled
# to get enough output.
#debug_level = 0

Also make sure that the auth and auth-worker processes have the same
permissions:

doveconf service/auth > a
doveconf service/auth-worker > b
diff -u a b