Why doesn't dovecot accept a SSL certificate?

Question

I trying to setup a mail server on my server, I followed the following instructions:

https://help.ubuntu.com/10.04/serverguide/C/certificates-and-security.html
https://help.ubuntu.com/10.04/serverguide/C/postfix.html

but in the system log I am sill getting the following error:

Sep 25 14:00:38 tanko-20590 dovecot: managesieve-login: Fatal: Can't load certificate file /etc/ssl/certs/ssl-mail.pem: The file doesn't contain a cer$
Sep 25 14:00:38 tanko-20590 dovecot: pop3-login: Fatal: Can't load certificate file /etc/ssl/certs/ssl-mail.pem: The file doesn't contain a certificat$
Sep 25 14:00:38 tanko-20590 dovecot: pop3-login: Fatal: Can't load certificate file /etc/ssl/certs/ssl-mail.pem: The file doesn't contain a certificat$
Sep 25 14:00:38 tanko-20590 dovecot: imap-login: Fatal: Can't load certificate file /etc/ssl/certs/ssl-mail.pem:

Answer 1

I used tinyca2 to create my certificates. It is available as a package. In Ubuntu you may want to add dovecot to the ssl-cert group. This will allow it to read certificates from the standard directories. Try using the following command.

adduser dovecot ssl-cert

You will also want to ensure the ssl-cert group can read the key for the certificate.

chgrp ssl-cert /etc/ssl/cert/ssl-mail-key.pem 

Normally your certificate goes in /etc/ssl/certs and the key in /etc/ssl/private.

Answer 2

The creation and configuration of certificates for Dovecot is documented in the Wiki.

If you followed the instructions and it still does not work then we need way more information than "it does not work".