[Dovecot] dovecot: imap-login: Disconnected (no auth attempts)
J4K
junk4 at klunky.co.uk
Mon Jan 9 11:52:22 EET 2012
On 09/01/12 10:41, Robert Schetterer wrote:
> Am 09.01.2012 10:37, schrieb Simon Loewenthal:
>> On 09/01/12 10:27, Robert Schetterer wrote:
>>> Am 09.01.2012 10:16, schrieb J4K:
>>>> Morning everyone,
>>>>
>>>> On the 8th of Jan the TLS/SSL certificate I use with Dovecot expired. I
>>>> replaced it with a new on the 9th of Jan. I tested this with
>>>> Thunderbird and all is well.
>>>>
>>>> This morning people tell me they cannot get their email using their
>>>> mobile telephones : K9 Mail
>>>>
>>>> I have reverted the SSL cert back to the old one just in case.
>>>> Thunderbird will works.
>>>>
>>>>
>>>> Dovecot 1:1.2.15-7 running on Debian 6
>>>>
>>>> The messages in the logs are:
>>>>
>>>> Jan 9 10:11:37 logout dovecot: imap-login: Disconnected (no auth
>>>> attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected
>>>> Jan 9 10:11:38 logout dovecot: imap-login: Disconnected (no auth
>>>> attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected
>>>>
>>>> In dovecot.conf I have this set :
>>>>
>>>> disable_plaintext_auth = no
>>>>
>>>> And the auth default mechanisms are set to:
>>>> mechanisms = plain login
>>>>
>>>> What is strange is the only item that changed is the SSL cert, which has
>>>> since been changed back to the old one (which has expired... ^^).
>>>>
>>>> Any ideas where I may look or change?
>>>>
>>>> Regards, S
>>> if you only changed the crt etc, and youre sure you did everything right
>>>
>>> perhaps you have forgot adding a needed intermediate cert ?
>>>
>>> read here
>>> http://www.trustico.co.uk/install/how-to-install-ssl-certificate.php
>>>
>>> Required Intermediate Certificates (CA Certificates)
>>>
>>> To successfully install your SSL Certificate you may be required to
>>> install an Intermediate CA Certificate. Please review the above
>>> installation instructions carefully to determine if an Intermediate CA
>>> Certificate is required, how to obtain it and correctly import it into
>>> your system. For more information please Contact Us.
>>> Alternatively, and for systems not covered by the above installation
>>> instructions, please use our Intermediate Certificate Wizard to find the
>>> correct CA Certificate or Root Bundle that is required for your SSL
>>> Certificate to function correctly. Find Out More Information
>> I know that the intermediate certs are messed up, which is why I rolled
>> back to the old expired certificate. I did not expect an expired
>> certificate to block authentication, and it does not mean that it does
>> block. The problem may be elsewhere.
> that might be a k9 problem ( older versions ) or in android older
> versions, is there a ignore ssl failure option as workaround
>
> what does thunderbird tell you about the new cert ?
>
> but for sure the problem may elsewhere
>> --
>> PGP is optional: 4BA78604
>> simon @ klunky . org
>> simon @ klunky . co.uk
>> I won't accept your confidentiality
>> agreement, and your Emails are kept.
>> ~Ö¿Ö~
>>
>
TB says unknown, and I know why. I have set the class 1 and class 2
certificate chain keys to the same, when these should be different.
Damn, StartCom's certs are difficult to set up.
Workaround for K9 (latest version) is to go to the Account Settings ->
Fetching -> Incoming Server, and click Next. It will attempt to
authenicate and then complain about the certificate. One can ignore the
warning and accept the certificate.
Cheers all.
Simon
More information about the dovecot
mailing list