In honor of xkcd 979, I’m posting this so future generations of Courier-IMAP users won’t have to Bing for a solution in vain (and hit lots of useless advice). In the process of finally getting around to upgrading my 2008-era courier-imap 4.1.1 setup to the shiny new 4.15 hotness and putting things in Chef templates, I encountered this error in /var/log/maillog:
imapd-ssl: couriertls: /etc/pki/tls/private/blah-certkey.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
My certificate file has three things in it, my SSL certificate, the intermediate CA certificate, and the private key. After making sure I didn’t have wonky ^M, line feeds or malformed certificate START/END headers, I started bisecting the old config with my new template. I discovered I was missing the dhparams parameter configuration which is new in 4.15:
TLS_DHPARAMS="/usr/lib/courier-imap/share/dhparams.pem"
This file is generated by the courier-imap-mkdhparams cronjob. I read the release notes before upgrading but clearly forgot to check for this after upgrading. Added this to my template, now Courier IMAP is a happy camper.
Woah, thanks.
Same pb here, for some time, and googling was unfruitful.
Cheers,
THANK YOU!!! Sooo many posts about this error but adding TLS_DHPARAMS= to my config got rid of the error.
Hello. I LOL’d at the XKCD ref. I remember that one. Thank you so much for taking the time to do this. Sometimes its just hard to find time to read all the notes.
hi,
thanks for your post – even debian finally upgraded to the new version of courier-imapd ;)
cheers
a.z