Kopano ical - SSL not working

UCS - Univention Corporate Server
,
#1

Hi,

I figured out that kopano-ical seems not be able to read the certificate key file. The domain.key file has 0640 rights for root. May I change the rights manually and will this work without any issues to other services or is there something not like expected with kopano-ical?

Kopano ical log

Starting kopano-ical version 8.7.0 (pid 13609 uid 998)
ECChannel::HrSetCtx(): cannot open key file
Error loading SSL context, ICALS will be disabled: call failed (80004005)

Kopano ical config

# File with RSA key for SSL
# Warning: the value "ssl_private_key_file" has been set via UCR variable "kopano/cfg/ical/ssl_private_key_file"
ssl_private_key_file = /etc/univention/letsencrypt/domain.key

# File with certificate for SSL
# Warning: the value "ssl_certificate_file" has been set via UCR variable "kopano/cfg/ical/ssl_certificate_file"
ssl_certificate_file = /etc/univention/letsencrypt/signed_chain.crt

Andy

[SOLVED] Frage zu Let's Encrypt und custom Zugriffsrechte (ACL) für die Datei domain.key
#2

Hi @raceface2nd,

the Kopano user is missing read permissions on the configured files (or the paths leading up to it).

#3

Hi @fbartels,

Quick question . . . I added read permissions for the kopano user by using setfacl now. Do I have to repeat this when I change the config for letsencrypt?

Andy

#4

I can’t say. I don’t know how the lets encrypt app is creating these files.

#5

Understand, the weird thing for me is that kopano-ical was the only service with this issue. All other services do not have this issue.

Mastodon