[Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking)

ycc_Swe yngve_l2 at hotmail.com
Thu Nov 8 09:54:21 EET 2012 

Thank you for your reply.

I read the page you link to. As I understand I should set the ssl-parameter
in 10-ssl.conf to "yes" or "required".

I should also have permissions like this:
root at deb7:/etc/dovecot/conf.d# ls -l /etc/ssl/*/dovecot.pem
-r--r--r-- 1 root root 1326 Nov  3 14:24 /etc/ssl/certs/dovecot.pem
-r-------- 1 root root 1704 Nov  3 14:24 /etc/ssl/private/dovecot.pem
root at deb7:/etc/dovecot/conf.d#

Other information on the page, as I understand, has to do with more
"advanced" setups than mine.

I still have the same problem. When I set ssl parameter to yes/required I
can still not connect to port 995.
This time I set ssl=verbose. This is what the log shows when I try to
connect with ssl.

Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1:
before/accept initialization [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
before/accept initialization [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 read client hello A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write server hello A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write certificate A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write server done A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 flush data [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 read client key exchange A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 read finished A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write change cipher spec A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write finished A [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 flush data [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1:
SSL negotiation finished successfully [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1:
SSL negotiation finished successfully [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008,
ret=256: warning close notify [12.12.12.7]
Nov  8 08:42:25 deb7 dovecot: pop3-login: Disconnected (no auth attempts in
0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, 

session=<zrnz+fbNpwBBNykH>
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x10, ret=1:
before/accept initialization [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
before/accept initialization [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 read client hello A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write server hello A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write certificate A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write server done A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 flush data [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 read client key exchange A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 read finished A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write change cipher spec A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 write finished A [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2001, ret=1:
SSLv3 flush data [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x20, ret=1:
SSL negotiation finished successfully [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002, ret=1:
SSL negotiation finished successfully [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Warning: SSL alert: where=0x4008,
ret=256: warning close notify [12.12.12.7]
Nov  8 08:42:26 deb7 dovecot: pop3-login: Disconnected (no auth attempts in
0 secs): user=<>, rip=12.12.12.7, lip=13.13.13.239, TLS: Disconnected, 

session=<N9L9+fbNqABBNykH>
root at deb7:/etc/dovecot/conf.d#


root at deb7:/etc/dovecot/conf.d# doveconf -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid
disable_plaintext_auth = no
mail_gid = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace inbox {
  inbox = yes
  location =
  prefix =
}
passdb {
  args = scheme=CRYPT username_format=%u /etc/dovecot/users
  driver = passwd-file
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = " imap pop3"
ssl = required
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  args = username_format=%u /etc/dovecot/users
  driver = passwd-file
}
root at deb7:/etc/dovecot/conf.d#


Thanks for repying. I still have the same problem. Dovecot works for me on
port 110, but not on 995/ssl.




--
View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-ok-for-port-110-but-not-for-SSL-beginner-asking-tp38611p38656.html
Sent from the Dovecot mailing list archive at Nabble.com.

More information about the dovecot mailing list