| When updating dovecot, my ssl configuration stopped working because ssl_dh parameter was missing in /etc/dovecot/conf.d/10-ssl.conf. I had to generate dh.pem and add it to 10-ssl.conf myself. |
Update has broken Dovecot config, it’s possibile you dont have dh.pem and only fullchain.pem / privkey.pem (Let’s Encrypt)
— FIX —
# openssl dhparam -out /etc/dovecot/dh.pem 4096 -days 3650
Generating DH parameters, 4096 bit long safe prime, generator 2
This is going to take a long time………
— CONFIG —
sudo vi /etc/dovecot/conf.d/10-ssl.conf
———————————— EXAMPLE ———————————–
ssl = yes
ssl = required
ssl_cert = </etc/letsencrypt/live/myserver.xyz/fullchain.pem
ssl_key = </etc/letsencrypt/live/myserver.xyz/privkey.pem
ssl_dh = </etc/dovecot/dh.pem
———————————— EXAMPLE ———————————–
Remember to restart dovecot:
# systemctl restart dovecot