[Dovecot] IPv6 & SSL
Luigi Rosa
lists at luigirosa.com
Sat Oct 6 08:20:20 EEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nick Rosier said the following on 05/10/12 22:47:
>> How do you enable this in Thunderbird? If by "enabling IPv6" you mean you
>> put in the IPv6 address in stead of the hostname, that's probably where
>> you're wrong. The certificate contains your hostname, not the IP-address
>> so the hostname verification check fails if you insert the IPv6 address
>> (i.e. hostname.tld != 2001:470:1f09:203:fdbf:508e:4a29:56c5so your
>> connection fails).
Good point. But does not explain why it works if I put the IPv4 address of the
server (the local LAN IPv4, not the public IPv4).
>> I've verified this by changing the hostname to IPv6 in Thunderbird and
>> got the same error as you do. You would get the same error if you
>> configure the IPv4 address in TB.
The server I am referring to has 2 NICs one with a public IP and the other
with a local IP address (10.0.0.254)
If I put 10.0.0.254 instead of the IPv6 address I can successfully connect
using TLS:
Oct 6 07:13:44 mail dovecot: imap-login: Login: user=<lrosa at hypertrek.info>,
method=CRAM-MD5, rip=10.0.0.155, lip=10.0.0.254, mpid=17812, TLS,
session=<LZhzDV3LMQAKE0Ob>
>> Configure your DNS so your hostname points to both the IPv6 and IPv4
>> address. Your client will take take whichever protocol is preferred (IPv4
>> or IPv6).
Thunderbird uses IPv4 as mail protocol, I wanted to test IPv6...
Thank you for your help
Ciao,
luigi
- --
/
+--[Luigi Rosa]--
\
Success is 99% failure.
--Soichiro Honda
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlBvv4kACgkQ3kWu7Tfl6ZQp2wCgvXPgRGANlAIaVkMvXZHIThYE
OiwAoIOqIMD+3mT1znMl6lCCbHanwBta
=B/r2
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list