I am attempting to setup postfix and dovecot on a LEMP server. I am using letsencrypt certificates. I suspect I am having a permissions problem because I cannot access the /etc/letsencrypt/live folder using cd unless I preface it with the sudo su command.
This seems to be affecting my dovecot configuration because dovecot is giving me the following fatal error:
doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 13: ssl_key: Can't open file /etc/letsencrpyt/
I have checked my letsencrypt certificate and pemchain path in dovecot settings multiple times and they are correct. So it appears that something else is blocking dovecot from accessing my certificate chain. I'm assuming it is the same thing that won't let me access my chain with out being root.
The Top of my /etc/dovecot/conf.d/10-ssl.conf page looks like this:
## ## SSL settings ## # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> ssl = required # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf ssl_cert = </etc/letsencrypt/live/mail.mysite.com/fullchain.pem ssl_key = </etc/letsencrpyt/live/mail.mysite.com/privkey.pem My /etc/dovecot/conf.d/10-ssl.conf has the following lines uncommented and edited. I am not actually using mail.mysite.com :
ssl = required ssl_cert = </etc/letsencrypt/live/mail.mysite.com/fullchain.pem ssl_key = </etc/letsencrpyt/live/mail.mysite.com/privkey.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = </usr/share/dovecot/dh.pem The Results of:
ls -l /etc | grep letsencrypt drwxr-xr-x 9 root root 4096 Feb 20 12:44 letsencrypt My question is, how can I fix the above error and allow dovecot to access my letsencrypt certificate path correctly?
/etc/letsencrypt? Show result of this commandls -l /etc | grep letsencrypt.