Forum

 
Current User: Guest Login Register
Please consider registering


Register? | Lost Your Password?

Search Forums:


 






Minimum search word length is 4 characters – Maximum search word length is 84 characters
Wildcard Usage:
*  matches any number of characters    %  matches exactly one character

Home Forum Mail Server securing SquirrelMail with SSL

securing SquirrelMail with SSL
Page:   1   Reply to Post Add a New Topic
UserPost

10:11 am
July 12, 2011


scott_the_musician

Melbourne, Australia

Member

posts 5
  Quote and Reply
  Report Post
Print this Post
1

Hi Consultant,

3x things to point out about this tutorial:

Firstly, instead of:

DocumentRoot = /usr/share/squirrelmail
ServerName = mail.acme.local:443

it needs to read:

DocumentRoot /usr/share/squirrelmail
ServerName mail.acme.local:443

i found that httpd would not restart until this change was made, throwing up an error of: Syntax error on line 4 of /etc/httpd/conf.d/ssl.conf: DocumentRoot takes one argument, Root directory of the document tree [FAILED]

Next, one needs the following two lines at the top of their ssl.conf file:

LoadModule ssl_module modules/mod_ssl.so
Listen 443

Otherise, httpd doesn't know what SSLCertificateFile is, and again it won't start. The syntax error is: "Invalid command 'SSLCertificateFile', perhaps misspelled or defined by a module not included in the server configuration"

Finally, I'm still getting the following error when trying to connect to my site:

(Error code: ssl_error_rx_record_too_long)

Any thoughts on what to do? in telnet it looks like ssl is running ok in psotfix and dovecot. My ssl.conf file looks like this:

LoadModule ssl_module modules/mod_ssl.so
Listen 443

DocumentRoot /usr/share/squirrelmail
ServerName mail.my.fqdn.name:443
SSLCertificateFile /etc/pki/tls/certs/mail.my.fqdn.name.cert
SSLCertificateKeyFile /etc/pki/tls/private/mail.my.fqdn.name.key

been racking my brain about this for a few days, so hope you can help. Cheers, Scott.

 

" System Administrators are like werewolves. They may
look outwardly ordinary, but are incredibly strong, mostly invulnerable
to stuff that would kill regular people — and prone to strange
transformations during a moon "outage". "

9:00 am
July 25, 2011


consultant

Admin

posts 353
  Quote and Reply
  Report Post
Print this Post
2

Post edited 9:01 am – July 25, 2011 by consultant

Hi Scott,

Firstly, instead of:

DocumentRoot = /usr/share/squirrelmail

ServerName = mail.acme.local:443

it needs to read:

DocumentRoot /usr/share/squirrelmail

ServerName mail.acme.local:443

 

Thanks for pointing that out, the screen shot has the correct lines. I got it wrong during the documentation part.

 

Next, one needs the following two lines at the top of their ssl.conf file:


LoadModule ssl_module modules/mod_ssl.so

Listen 443

 

Mine already have those, are you using RHEL or CentOS?

 

Finally, I'm still getting the following error when trying to connect to my site:

(Error code: ssl_error_rx_record_too_long)

 

A proxy, traffic shaper or some other device is causing this. Try to connect directly to the server or use a different browser. This will enable us to isolate the problem if any of the above works.

 
Page:   1   Reply to Post

Reply to Topic:
securing SquirrelMail with SSL

Guest Name (Required):

Guest Email (Required):

Smileys
Confused Cool Cry Embarassed Frown Kiss Laugh Smile Surprised Wink Yell
Post New Reply

Guest URL (required)

Math Required!
What is the sum of:
4 + 6    

Topic RSS

About the Linux Mail Server Setup and Howto Guide Forum

Forum Timezone: America/New_York

Most Users Ever Online: 60

Currently Online:
16 Guests

Currently Browsing this Topic:
1 Guest

Forum Stats:

Groups: 2
Forums: 5
Topics: 343
Posts: 1062

Membership:

There are 966 Members
There have been 91 Guests

There is 1 Admin

Top Posters:

shanmugasundaram s – 46
Kendermin – 15
Ginger – 14
bighorn – 14
iron_michael86 – 12
Raminda – 11

Recent New Members: waveney, achal, niesul14, hesaum, sreevinodss, nasonov

Administrators: consultant (353 Posts)