[Dovecot] Enabling even more debug info for SSL/TLS handling during handshaking?
Johan Persson
johanp at aditus.nu
Thu Mar 19 01:37:25 EET 2009
Hi,
I'm working with a an IMAP client for a S60 (Nokia) phone and we are having a
small problem (not in Dovecot!) but somewhere deep in our own system which has
to do with certificates that are self signed.
Somehow in some circumstance if you accept a self-signed certificate as an
exception then the client will send a strange command to the imap-login which
it doesn't recognize. We are quite sure this is a problem in our own system
and not with Dovecot
Since we have no access to the certificate (SSL/TLS) handling code we are a
bit at loss here and have to "proof" to "the other" guys in Finland that it's
there fault :-)
The type of errors that show up in Dovecot in these circumstances are (with
the real username and IP address removed)
------------
imap-login: Disconnected (no auth attempts): rip=some.ip.address
user_name=192.168.0.2, TLS handshaking: SSL_accept() failed:
error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpectedmessage
------------
Is there some more debugging we could enable to see exactly the type of wrong
command the SSL/certificate handling are send in the handshake procedure ?
(We have all the debug and/or the auth_* flags in dovecot.conf enabled
already)
Any idea?
Johan
More information about the dovecot
mailing list