BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Debian Buster
- Subject: [Discuss] Debian Buster
- From: richard.pieri at gmail.com (Rich Pieri)
- Date: Sun, 8 Sep 2019 11:36:24 -0400
Finally got around to bumping my home server to Buster (Debian 10). Only one hitch and it's Dovecot again. The new version of Dovecot requires a large (minimum 2048-bit) DH key. The upgrade process does not have the decency to generate this key and the instructions provided are incorrect. They generate a DH key ~half the minimum size Dovecot 2.3 requires. Specifically: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem should be dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam 2048 -inform der > /etc/dovecot/dh.pem to generate a dh.pem of requisite size. Merging the private and public SSL certificates into a single file may also be necessary. -- Rich Pieri
- Follow-Ups:
- [Discuss] Debian Buster
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Debian Buster
- Prev by Date: [Discuss] Our 25th Anniversary
- Next by Date: [Discuss] excessive memory usage in Ubuntu
- Previous by thread: [Discuss] Our 25th Anniversary
- Next by thread: [Discuss] Debian Buster
- Index(es):