-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Nick Rosier said the following on 05/10/12 22:47:
How do you enable this in Thunderbird? If by "enabling IPv6" you mean you put in the IPv6 address in stead of the hostname, that's probably where you're wrong. The certificate contains your hostname, not the IP-address so the hostname verification check fails if you insert the IPv6 address (i.e. hostname.tld != 2001:470:1f09:203:fdbf:508e:4a29:56c5so your connection fails).
Good point. But does not explain why it works if I put the IPv4 address of the server (the local LAN IPv4, not the public IPv4).
I've verified this by changing the hostname to IPv6 in Thunderbird and got the same error as you do. You would get the same error if you configure the IPv4 address in TB.
The server I am referring to has 2 NICs one with a public IP and the other with a local IP address (10.0.0.254)
If I put 10.0.0.254 instead of the IPv6 address I can successfully connect using TLS:
Oct 6 07:13:44 mail dovecot: imap-login: Login: user=<lrosa@hypertrek.info>, method=CRAM-MD5, rip=10.0.0.155, lip=10.0.0.254, mpid=17812, TLS, session=<LZhzDV3LMQAKE0Ob>
Configure your DNS so your hostname points to both the IPv6 and IPv4 address. Your client will take take whichever protocol is preferred (IPv4 or IPv6).
Thunderbird uses IPv4 as mail protocol, I wanted to test IPv6...
Thank you for your help
Ciao, luigi
/ +--[Luigi Rosa]-- \
Success is 99% failure. --Soichiro Honda -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlBvv4kACgkQ3kWu7Tfl6ZQp2wCgvXPgRGANlAIaVkMvXZHIThYE OiwAoIOqIMD+3mT1znMl6lCCbHanwBta =B/r2 -----END PGP SIGNATURE-----