[Dovecot] STARTTLS problem

2 Feb 2011

      Hi,
We try to configure dovecot as usual (all our servers have
dovecot+vpopmail+qmail or postfix).
We set up dovecot with the next outcome:

imap ok
imaps ok
imap STARTTLS NOT OK

Debug:
root@s13:/home/lucas# gnutls-cli --starttls -p 143 ip
Resolving 'ip'...
Connecting to 'ip'...

Simple Client Mode:

OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready.
*** Starting TLS handshake

*** Non fatal error: Resource temporarily unavailable, try again.
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
Same result with thunderbird and openssl.
Log:
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x10,
ret=1: before/accept initialization [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: before/accept initialization [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv2/v3 read client hello A [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 read client hello A [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write server hello A [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write certificate A [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write server done A [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 flush data [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [83.61.13.57]
Feb  2 20:26:58 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [83.61.13.57]
Feb  2 20:27:34 s13 dovecot: imap-login: Warning: SSL failed:
where=0x2002: SSLv3 read client certificate A [83.61.13.57]
Feb  2 20:27:34 s13 dovecot: imap-login: Disconnected (no auth
attempts): rip=83.61.13.57, lip=109.200.5.221, TLS handshaking: Disconnected
My config:
# 2.0.9: /opt/dovecot/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-27-server x86_64 Ubuntu 8.04
auth_mechanisms = plain login cram-md5
default_login_user = vpopmail
disable_plaintext_auth = no
first_valid_gid = 89
first_valid_uid = 89
last_valid_gid = 89
last_valid_uid = 89
listen = ip
mail_debug = yes
mail_gid = 89
mail_uid = 89
passdb {
driver = vpopmail
}
plugin {
quota = maildir:User quota
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
setting_name = quota, trash
}
protocols = imap pop3
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service imap {
process_limit = 1024
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
process_limit = 1024
}
ssl_cert = 
Any clue?
Thank you in advanced,
Lucas

[Dovecot] STARTTLS problem

Lucas -LandM-