TLS problem after upgrading from v2.2 to v2.3
Jan Vejvalka
jan.vejvalka at lfmotol.cuni.cz
Sun Jan 7 01:50:01 EET 2018
Hi Goetz,
thanks, I tried your list - and I quickly ran back, as I noticed
that this time I disconnected a user who is much less cooperative :-)
Jan
On 06.01.2018 20:47, Goetz Schultz wrote:
> Hi Jan,
>
> fair enough. You may want to try mine to see if it works - if yes,
> it might be worthwhile digging deeper. Tbh I had not default settings
> on for a long time.
>
>
> Thanks and regards
>
> Goetz R. Schultz
>
> On 06/01/18 18:30, Jan Vejvalka wrote:
>> Thanks for your reply; I used the defaults, both before and after
>> the upgrade, cf. https://wiki2.dovecot.org/Upgrading/2.3 -> Setting
>> default changes. The new defaults broke the connection.
>>
>> Jan
>>
>>
>>
>>> what are your settings?
>>>
>>> Mine are below and they work just fine:
>>>
>>> ssl_cipher_list =
>>> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!SSLv2:!SSLv3
>>>
>>
>
More information about the dovecot
mailing list