Certificates too large for sendmail?


#1

I have letsencrypt certificates working with my web server and dovecot imapd. When I try to use the same certificate for sendmail, it fails to initialize TLS on startup, with the following error:

sm-mta[7459]: STARTTLS=server: file /etc/letsencrypt/live/mail.dolorespark.org/cert.pem unsafe: Value too large for defined data type

Here’s what I’ve set in sendmail.mc:

include(`/etc/mail/tls/starttls.m4')dnl
include(`/etc/mail/sasl/sasl.m4')dnl
define(`confCACERT_PATH', `/etc/ssl/certs')dnl
define(`confCACERT', `/etc/letsencrypt/live/mail.dolorespark.org/chain.pem')dnl
define(`confSERVER_CERT', `/etc/letsencrypt/live/mail.dolorespark.org/cert.pem')dnl
define(`confSERVER_KEY', `/etc/letsencrypt/live/mail.dolorespark.org/privkey.pem')dnl
define(`confCLIENT_CERT', `/etc/letsencrypt/live/mail.dolorespark.org/cert.pem')dnl
define(`confCLIENT_KEY', `/etc/letsencrypt/live/mail.dolorespark.org/privkey.pem')dnl

TLS works on my system (Debian, sendmail 8.15.2-3) with a self-signed certificate. Has anybody else seen this error with letsencrypt certificates?

Thanks,
JMC


#2

Maybe der type expected ?


#3

JMC did you solve somehow this ?