I upgraded to Ubuntu 20.04.1 and chose to keep my existing config files, and my mail server stopped working. In the log I saw:
Nov 25 09:07:57 machine dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load DH parameters: error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=someip, lip=someip, session=<someid>
I was able to fix this by modifying /etc/dovecot/conf.d/10-ssl.conf and adding this line:
ssl_dh = </usr/share/dovecot/dh.pem
Please let me know if I’ve introduced an horrific security bug, won’t you?
9 thoughts on “Dovecot not working after upgrade to Ubuntu 20.04.1 (dh key too small)”
Some files were in different places on my (Debian / ISPConfig) setup but your solution helped me find my way through config files. BIG THANKS!
Good to hear AndrÃ©!
Thank you! you saved my morning ;)
Thank you so much! I did an upgrade 3 days ago and just noticed today. Added the line, restarted dovecot and voila!
You saved me a lot of time! Thank You!
Got me back in business pronto. A thousand upvotes.
Thanks this saved the day!