On 23. Aug 2025, at 23.43, Louis Villedieu via dovecot <[email protected]> wrote: > > Dear dovecot mailing list, > Maybe you'll have an idea. > I upgraded from Debian bookworm to trixie this morning. > Along with this upgrade, dovecot went to 2.4.1 . > I adapted the configuration files. > The server starts but the clients cannot retrieve emails. > The error message in the logs is: > > dovecot: pop3-login: Error: Failed to initialize SSL connection: Couldn't > initialize SSL server context: Can't load SSL certificate > (ssl_server_cert_file setting): The certificate is empty
It's at least not a common problem, since many people are successfully running it. So a bit difficult to say. doveconf -n output might be helpful. You can also debug it further with: > In iostream-openssl-context.c:ssl_iostream_context_set(), I adapted this > error message to see whether a path could be found for this server cert > file: > > t_strdup_printf( > > "Can't load SSL certificate (%s setting with path > '%s'): %s", > > ctx->client_ctx ? "ssl_client_cert_file" : > > "ssl_server_cert_file", > > set->cert.cert.path, > > > openssl_iostream_use_certificate_error(set->cert.cert.content) You can attach gdb here to this place. Add code: raise(SIGSTOP); And early into file #include <signal.h> Now when this error is reached, the process is stopped and you can: gdb -p <pid of stopped imap-login process> There you can inspect the settings where it goes wrong. Especially it seems in io_stream_autocreate_ssl_server() "ssl_server_set" contains the correct path but "set" doesn't? _______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
