IMAP proxy for Exchange - encrypted backend Communication?
Hello,
I try to setup a IMAP proxy for my old Exchange server. Running Dovecot v2.x on Centos 7.
So far I follow http://wiki2.dovecot.org/HowTo/ImapcProxy and it seem to work. The only but major thing is with this setup - the communication between proxy and backend is not encrypted. :(
To fix this, I changed the config and add: imapc_ssl=imaps imapc_port=993
but it doesnt work, because of verify failure of the self signed backend certificate:
Jan 5 21:48:55 imap dovecot: imap(user1): Error: imapc(192.168.1.1:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings) Jan 5 21:48:55 imap dovecot: imap(user1): Error: imapc(192.168.1.1:993): No SSL context Jan 5 21:48:55 imap dovecot: imap(user1): Error: imapc: Command failed: Disconnected from server Jan 5 21:48:55 imap dovecot: imap(user1): Error: user tkoenig: Initialization failed: Initializing mail storage from mail_location setting failed: Mailbox list driver imapc: Failed to access imapc backend Jan 5 21:48:55 imap dovecot: imap(user1): Error: Invalid user settings. Refer to server log for more information.
I didnt found anything in the documentation which tells dovcot not verify the backend certificate.
Is there a know way to get it runing?
Many thanks for any hint!
regrds, Tom
On 5 Jan 2017, at 22.56, tom posturne@gmail.com wrote:
Hello,
I try to setup a IMAP proxy for my old Exchange server. Running Dovecot v2.x on Centos 7.
So far I follow http://wiki2.dovecot.org/HowTo/ImapcProxy and it seem to work. The only but major thing is with this setup - the communication between proxy and backend is not encrypted. :(
To fix this, I changed the config and add: imapc_ssl=imaps imapc_port=993
but it doesnt work, because of verify failure of the self signed backend certificate:
you need to set:
imapc_ssl_verify = no
Regards, Sami
thx, I'll try it. Currently I use stunnel as a quick and dirty work around.
Tom
Am 6. Januar 2017 18:04:57 MEZ schrieb Sami Ketola sami.ketola@dovecot.fi:
On 5 Jan 2017, at 22.56, tom posturne@gmail.com wrote:
Hello,
I try to setup a IMAP proxy for my old Exchange server. Running Dovecot v2.x on Centos 7.
So far I follow http://wiki2.dovecot.org/HowTo/ImapcProxy and it seem to work. The only but major thing is with this setup - the communication between proxy and backend is not encrypted. :(
To fix this, I changed the config and add: imapc_ssl=imaps imapc_port=993
but it doesnt work, because of verify failure of the self signed backend certificate:
you need to set:
imapc_ssl_verify = no
Regards, Sami
participants (3)
-
Sami Ketola
-
Thomas Koenig
-
tom