dovecot confusing default ssl configuration

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

dovecot confusing default ssl configuration

Thuban
I think this is since 6.3.
Qhen installin dovecot package, a few files are created.
The problem is that /etc/dovecot/conf.d/10-ssl.conf contains :

        ssl_cert = </etc/ssl/dovecotcert.pem
        ssl_key = </etc/ssl/private/dovecot.pem

However, doesn't exist.

I thought user configuration should be done in /etc/dovecot/local.conf
to avoid problems for future upgrades.
I think the above lines should be commented by default, but maybe there
is a good reason I miss?
I understand the following message, but even if it might look handy, it
should be default :

        --- +dovecot-2.2.36 -------------------
        Files to facilitate the generation of a self-signed
        certificate and key for Dovecot have been installed:
        /etc/ssl/dovecot-openssl.cnf (Edit this accordingly!)
        /usr/local/sbin/dovecot-mkcert.sh

        If this has been or will be accomplished by other means,
        use the following paths for the files:
        /etc/ssl/dovecotcert.pem
        /etc/ssl/private/dovecot.pem


Regards.
--
    thuban