Johan,
As far as cert negotiation happens on very early stages of protocol just write as small program with as many debugging as you want.
-Dmitry
Johan Persson wrote:
Hi,
t's not easily reproducible?
Yes, this is 100% reproducible if you use the "Accept certificate permanently" when the client receives the warning that the certificate on the server is not trusted.
The strange thing is that if you instead use "Accept certificate only this time" then it works
Since we have no access to the certificate (SSL/TLS) handling code we are a bit at loss here and have to "proof" to "the other" guys in Finland thatc it's there fault :-)
You mean a bug in S60 libraries? Yep. Since it seems that the server receives some erronous messages
verbose_ssl=yes makes Dovecot log all errors/warnings that OpenSSL can Yes, this is already enabled
http://crypto.stanford.edu/~eujin/sslsniffer/index.html Will have a look at this.
Thanks! Johan
-- Dmitry Samersoff dms@samersoff.net, http://devnull.samersoff.net
- There will come soft rains ...