On 4 Sep 2019, at 21:35, Jean-Daniel jddupas@xooloo.com wrote:
Just a wild guess as I didn’t try to configure Mail on Catalina yet, but it looks like your server only supports ‘DHE-RSA…’ ciphers. I think that modern systems prefers using ECDHE key exchange and would not be surprise if iOS requires it.
Well I got the OpenSSL parts working now, but newer versions still refuses to work after establishing with ECDHE, I just get no login attempts and no user:
imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=55.66.77.88, lip=11.22.33.44, TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Regards Henrik
Non working iOS 13
Sep 08 11:25:47 auth: Debug: auth client connected (pid=23934)
SeSep 08 11:25:47 auth: Debug: auth client connected (pid=23934)p 08 11:25:47 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A
SeSep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A
SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A
SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A
SSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: whereSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A =0x2002,Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A
Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
Sep 08 1Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A
1:25Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A
:Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A
4Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A
11:25:47 imap-login: Debug: SSL alert: close notify
Sep 08 11:Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A
25Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A
Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A
:47 Sep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A
iSep 08 11:25:47 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data
map-Sep 08 11:25:47 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully
SSLv3 write key exchange A
Sep 08 11:24:09 imap-login: Debug: SSL: wherSep 08 11:25:47 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully e=0x2001, ret=1:Sep 08 11:25:47 imap-login: Debug: SSL alert: close notify
Sep 08 11:25:47 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=55.66.77.88, lip=11.22.33.44, TLS, TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits), session=
Working MacOS 10.14.6
Sep 08 11:24:09 auth: Debug: auth client connected (pid=23912) Sep 08 11:24:09 imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv2/v3 read client hello A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A ep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, reSep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client certificate A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A ep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read certificate verify A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read finished A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read finished A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write finished A Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data Sep 08 11:24:09 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation finished successfully Sep 08 11:24:09 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully