On Thu, Nov 24, 2022 at 1:34 PM Six002 <six002@protonmail.com> wrote:

Hello,
I have ubuntu 22.04, dovecot 2.3.16 and old email client (Outlook 2013) and their dont support TLSv1_2.
In dovecot 10-ssl.conf i put: ssl_min_protocol = TLSv1,
in openssl.cnf i have:
openssl_conf = default_conf
[ default_conf ]
ssl_conf = ssl_section
[ssl_section]
system_default = ssl_default_sectq
[ssl_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT:@SECLEVEL=1

but when i check openssl s_client -connect localhost:993 -tls1_1
have output:

CONNECTED(00000003)
803BD26AC67F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:../ssl/record/rec_layer_s3.c:308:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 111 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1668602712
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---

version tls1_2 and 1_3 works fine.
What I doing wrong?
Thanks for help.

Not to answer your question about TLS, but about Outlook. Your version of Outlook is outdated and seeing as you use Outlook with Dovecot, there is nothing special

that you need Outlook for. Why not just switch to something like Thunderbird for a MuA?

Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)