Re: [Dovecot] imap-login - where does the user get filled in from?
At 3PM -0800 on 6/12/12 Jeff Lacki wrote:
Ben Morrow ben@morrow.me.uk wrote:
imap-login: Disconnected (no auth attempts in 60 secs): user=<>, rip=192.168.1.1, lip=192.168.1.22, TLS handshaking: Disconnected
Just to be sure: you have replaced the self-signed certificate Dovecot installs with one which is signed by a public CA?
I created my own self-signed certificate with mkcert.sh that comes with dovecot. Changed my hostname to mail.myhostname.com and the other stuff, installed etc.
An iPhone won't accept a self-signed certificate unless you install it in the system trusted certificate list. I don't know how you do that, or even if it's possible...
Ben
Ben Morrow ben@morrow.me.uk wrote:
An iPhone won't accept a self-signed certificate unless you install it in the system trusted certificate list. I don't know how you do that, or even if it's possible...
Ben
Yes, it can be done. You just put the file in a place in the browser, then go to it and it asks you to install it on the phone. So I did that and it shows that its installed.
As I said, I was able to connect to my server and login with:
openssl s_client -connect myhost.com:993
successfully, so I am assuming its a config issue somewhere else, though Im still too new to how this works to understand things fully yet.
/mf/home/jeep/shell/.signature
jeep@rahul.net (Jeff Lacki) wrote:
Yes, it can be done. You just put the file in a place in the browser, then go to it and it asks you to install it on the phone. So I did that and it shows that its installed.
As I said, I was able to connect to my server and login with:
openssl s_client -connect myhost.com:993
successfully, so I am assuming its a config issue somewhere else, though Im still too new to how this works to understand things fully yet.
Ok I believe its solved, and it was my fault of course. I hadnt entirely setup the directory structure on my filesystem for the mailbox stuff. Once I cleaned up all the errors that I found using the openssl command above and logging in etc manually, it now seems to work.
Sorry if this was wasted bandwidth, maybe it will help someone else later. Thanks for your help! Jeff
/mf/home/jeep/shell/.signature
On 2012-12-06 7:11 PM, Ben Morrow ben@morrow.me.uk wrote:
An iPhone won't accept a self-signed certificate unless you install it in the system trusted certificate list. I don't know how you do that, or even if it's possible... Ben
Not true anymore (used to be though)... we use self-signed certs (and have been for a long time).
Now, when you first connect, you get a prompt that you just have to say 'Continue' and it installs the cert permanently, although you have to do it twice (once for inbound server, and once for outbound, if the server name is different).
I still for the life of me don't understand why Apple (and Thunderbird for that matter), usually so good at the whole 'user experience' thing, doesn't default to, or even allow you to manually choose an option to 'Use same username/password for sending as receiving'...
--
Best regards,
Charles
participants (3)
-
Ben Morrow
-
Charles Marcus
-
jeep@rahul.net