我安装了一个 postfix 邮件服务器。但是当我使用 thunderbird 登录用户时,它是错误的。 这是配置。
Postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 20000000000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 200000000
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = stack.daolicloud.com
myhostname = mail.stack.daolicloud.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains = $mydestination
relayhost =
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/cacert.pem
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
dovecot -n:
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.1.2.0.1.el6.x86_64 x86_64 CentOS release 6.4 (Final)
auth_mechanisms = plain login
mail_location = maildir:~/Maildir
mail_privileged_group = mail
mbox_write_locks = fcntl
passdb {
driver = pam
}
protocols = imap pop3
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imap {
port = 143
ssl = yes
}
inet_listener imaps {
port = 993
ssl = yes
}
}
ssl_cert = </etc/ssl/certs/cacert.pem
ssl_key = </etc/ssl/private/server.key
userdb {
driver = passwd
}
这是日志:
dovecot: imap-login: Fatal: Can't load private ssl_key: Key is for a different cert than ssl_cert
dovecot: master: Error: service(imap-login): command startup failed, throttling
dovecot: pop3-login: Fatal: Can't load private ssl_key: Key is for a different cert than ssl_cert
dovecot: master: Error: service(pop3-login): command startup failed, throttling
postfix/smtpd[13891]: warning: cannot get RSA private key from file /etc/ssl/private/server.key: disabling TLS support
postfix/smtpd[13891]: warning: TLS library problem: 13891:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:331:
postfix/smtpd[13893]: warning: cannot get RSA private key from file /etc/ssl/private/server.key: disabling TLS support
postfix/smtpd[13893]: warning: TLS library problem: 13893:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:331:
postfix/smtpd[13894]: warning: cannot get RSA private key from file /etc/ssl/private/server.key: disabling TLS support
postfix/smtpd[13894]: warning: TLS library problem: 13894:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:331:
postfix/smtpd[13895]: warning: cannot get RSA private key from file /etc/ssl/private/server.key: disabling TLS support
postfix/smtpd[13895]: warning: TLS library problem: 13895:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:331:
我认为 pem 和 key 文件是错误的。所以我再次生成此文件,然后是 this link .但它仍然会出现同样的错误。有任何想法吗?有人可以帮助我吗?非常感谢!
最佳答案
为了检查证书和 key 匹配是否使用这个,
(openssl x509 -noout -modulus -in /etc/ssl/certs/cacert.pem | openssl md5 ;\
openssl rsa -noout -modulus -in /etc/ssl/private/server.key | openssl md5) | uniq
如果您获得多个标识符,则您的 key 和证书不匹配。
创建一个新的;
openssl req -new -x509 -days 3650 -nodes -out /etc/ssl/certs/cacert.pem -keyout /etc/ssl/private/server.key
干杯!
关于linux - Postfix 无法从文件/etc/ssl/private/server.key : disabling TLS support 中获取 RSA 私钥,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23652680/
类classAprivatedeffooputs:fooendpublicdefbarputs:barendprivatedefzimputs:zimendprotecteddefdibputs:dibendendA的实例a=A.new测试a.foorescueputs:faila.barrescueputs:faila.zimrescueputs:faila.dibrescueputs:faila.gazrescueputs:fail测试输出failbarfailfailfail.发送测试[:foo,:bar,:zim,:dib,:gaz].each{|m|a.send(m)resc
我想安装一个带有一些身份验证的私有(private)Rubygem服务器。我希望能够使用公共(public)Ubuntu服务器托管内部gem。我读到了http://docs.rubygems.org/read/chapter/18.但是那个没有身份验证-如我所见。然后我读到了https://github.com/cwninja/geminabox.但是当我使用基本身份验证(他们在他们的Wiki中有)时,它会提示从我的服务器获取源。所以。如何制作带有身份验证的私有(private)Rubygem服务器?这是不可能的吗?谢谢。编辑:Geminabox问题。我尝试“捆绑”以安装新的gem..
我有一个.pfx格式的证书,我需要使用ruby提取公共(public)、私有(private)和CA证书。使用shell我可以这样做:#ExtractPublicKey(askforpassword)opensslpkcs12-infile.pfx-outfile_public.pem-clcerts-nokeys#ExtractCertificateAuthorityKey(askforpassword)opensslpkcs12-infile.pfx-outfile_ca.pem-cacerts-nokeys#ExtractPrivateKey(askforpassword)o
假设您编写了一个类Sup,我决定将其扩展为SubSup。我不仅需要了解你发布的接口(interface),还需要了解你的私有(private)字段。见证这次失败:classSupdefinitialize@privateField="fromsup"enddefgetXreturn@privateFieldendendclassSub问题是,解决这个问题的正确方法是什么?看起来子类应该能够使用它想要的任何字段而不会弄乱父类(superclass)。编辑:equivalentexampleinJava返回"fromSup",这也是它应该产生的答案。 最佳答案
在ruby中,你可以这样做:classThingpublicdeff1puts"f1"endprivatedeff2puts"f2"endpublicdeff3puts"f3"endprivatedeff4puts"f4"endend现在f1和f3是公共(public)的,f2和f4是私有(private)的。内部发生了什么,允许您调用一个类方法,然后更改方法定义?我怎样才能实现相同的功能(表面上是创建我自己的java之类的注释)例如...classThingfundeff1puts"hey"endnotfundeff2puts"hey"endendfun和notfun将更改以下函数定
我正在尝试获得良好的Ruby编码风格。为防止意外调用具有相同名称的局部变量,我总是在适当的地方使用self.。但是现在我偶然发现了这个:classMyClass上面的代码导致错误privatemethodsanitize_namecalled但是当删除self.并仅使用sanitize_name时,它会起作用。这是为什么? 最佳答案 发生这种情况是因为无法使用显式接收器调用私有(private)方法,并且说self.sanitize_name是显式指定应该接收sanitize_name的对象(self),而不是依赖于隐式接收器(也是
我有一个放在lib/network中的类:moduleNetworkApiclassNetworkProxyendend然后在另一个类中,我引用了这个类:network_proxy=::NetworkApi::NetworkProxy.new(params)一切都在我的开发环境中正常运行,但是当我部署到服务器时,我在上面一行收到错误消息:NameError:uninitializedconstantNetworkApi::NetworkProxy我不知道为什么会出现这个奇怪的错误。请告诉我为什么。 最佳答案 请注意Rails5dis
在Ruby(或Rails)中,我们可以做到new_params=params.merge({:order=>'asc'})现在new_params是一个带有添加键:order的散列。但是是否有一行可以返回带有已删除key的散列?线路new_params=params.delete(:order)不会工作,因为delete方法返回值,仅此而已。我们必须分3步完成吗?tmp_params=paramstmp_params.delete(:order)returntmp_params有没有更好的方法?因为我想做一个new_params=(params[:order].blank?||para
在Ruby类定义中,private关键字在以下场景中的作用域是什么:classFoodefbar_publicputs"public"endprivatedefbar_privateputs"private"enddefbar_public_2puts"anotherpublic"endendprivate是否只作用于bar_private?还是在bar_public_2上? 最佳答案 在您的例子中,bar_private和bar_public_2都是私有(private)的。那是因为这两种方法都在private关键字的“范围内”。
我正在尝试在ruby脚本中连接到服务器https://www.xpiron.com/schedule。但是,当我尝试连接时:require'open-uri'doc=open('https://www.xpiron.com/schedule')我收到以下错误消息:OpenSSL::SSL::SSLError:SSL_connectreturned=1errno=0state=SSLv2/v3readserverhelloA:sslv3alertunexpectedmessagefrom/usr/local/lib/ruby/1.9.1/net/http.rb:678:in`conn