[Dovecot] SSL with startssl.com certificates
Reindl Harald
h.reindl at thelounge.net
Wed Oct 9 22:31:04 EEST 2013
Am 09.10.2013 21:27, schrieb Eliezer Croitoru:
> On 09/13/2013 02:59 PM, Dan Langille wrote:
>>
>> *** /var/log/maillog ***
>> Sep 13 11:50:46 imaps dovecot: imap-login: Warning: SSL failed:
>> where=0x2002: SSLv3 read client certificate A [166.137.84.11]
>> Sep 13 11:50:46 imaps dovecot: imap-login: Disconnected (no auth
>> attempts in 1 secs): user=<>, rip=166.137.84.11, lip=199.233.228.197,
>> TLS handshaking: Disconnected, session=<a7AJd0LmWwCmiVQL>
> How about tring to use a username to identify the user??
> it is very clear that there is nothing that the client tries to do...
it is much more clear that there is no username if the client
refuses the SSL handshake because it does not like the cert
or the offered ssl-ciphers
user=<> is pretty normal in a lot of cases
* ssl cert not accepted and not allowed by the user in case of untrusted
* no cipher the client accpets
* no auth-mech the client accepts offered by the server
so how do *you* imagine to see a username in the log?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20131009/24b374c6/attachment.bin>
More information about the dovecot
mailing list