On 23/08/25, Louis Villedieu via dovecot ([email protected]) wrote:
> Dear dovecot mailing list,
>
> Maybe you'll have an idea.
>
> I upgraded from Debian bookworm to trixie this morning.
> Along with this upgrade, dovecot went to 2.4.1 .
> I adapted the configuration files.
> The server starts but the clients cannot retrieve emails.
> The error message in the logs is:
>
> dovecot: pop3-login: Error: Failed to initialize SSL connection: Couldn't
> initialize SSL server context: Can't load SSL certificate
> (ssl_server_cert_file setting): The certificate is empty
It would be helpful if you could share the ssl-related parts of your
configuration files, anonymised as necessary.
Perhaps it is as simple as a path error?
Typically, the top-level ssl settings (as I understand it) should be
ssl = yes
ssl_server_cert_file = path_to_fullchain.pem
ssl_server_key_file = path_to_private_key.pem
I think you can also configure this as follows:
# example ssl config
ssl = yes
ssl_server {
cert_file = /etc/dovecot/certs/server.crt
key_file = /etc/dovecot/certs/server.key
}
You can also have per host keys using the following configuration stanza:
#
https://doc.dovecot.org/2.4.1/core/config/ssl.html#with-client-tls-sni-server-name-indication-support
local_name example.net {
ssl_server_cert_file = /etc/dovecot/certs/example.crt
ssl_server_key_file = /etc/dovecot/certs/example.key
}
_______________________________________________
dovecot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
