[Dovecot] SSL with startssl.com certificates
Dan Langille
dan at langille.org
Tue Sep 17 17:44:40 EEST 2013
On 2013-09-17 10:39, Reindl Harald wrote:
> Am 17.09.2013 16:32, schrieb Dan Langille:
> *what* says "telnet your-server 143"
> $ telnet imaps.unixathome.org 143
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> IDLE STARTTLS AUTH=PLAIN] Dovecot ready.
>
> At present, I am using dovecot-1.2.17 on another server with a
> certificate from StartCom:
>
> $ openssl s_client -connect nyi.unixathome.org:993 -quiet
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> AUTH=PLAIN] Dovecot ready.
>
>
> The server which fails me is running 2.1.16 (was 2.2 before this
> morning)
>
> $ openssl s_client -connect imaps.unixathome.org:993 -quiet
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> IDLE AUTH=PLAIN] Dovecot ready.
>
> Somewhere, somehow, there is something vastly different and not working
>
> you are making it hard to impossible to help you if you are mixing
> servers and
> their responses and port 993 will *never ever* show STARTTLS because it
> is
> IMAPS which enforces a encrypted connection and *not* STARTTLS where
> the
> inital connection is unencrpyted by design
>
> so *please* stay at *one* config, *one* machine and *one* port for
> debugging
>
> if the machine in question announces STARTTLS on port 143 it should
> work
> and that is why i asked if *a different client* than a iPhone is using
> STARTTLS on *that* machine with *that config*
Oh I misunderstood. I thought you were suggesting I stop trying to get
this to work,
give in, and *just use another email client*. My apologies.
I was looking for another iPhone email client which was free and did
iMap. I failed. I think I'll
just have to pay for one and try it.
I've run out of time just now. I'll try again soon.
Thank you.
--
Dan Langille - http://langille.org/
More information about the dovecot
mailing list