openssl question

Selcuk Yazar selcuk.yazar at gmail.com
Tue Jan 9 10:06:52 EET 2018


Ok, i understand the difference.

openssl s_client -starttls imap -connect mail.mydomain:143
openssl s_client -connect mail.mydomain:993

these command runs as expected.

i know this forum isn2T about thunderbird  but, when setup account in
thunderbird 993 port and with SSL,
i see this line on dovecot.log

TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher


our dovecot (2.0.9 on redhat) 10-ssl.conf file we have

ssl_cipher_list =
kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES:!SSLv3

settings.

this settings is correct for dovecot ? if they correct , can we say there
is problem for thunderbird ? :)

thanks in advance


On Tue, Jan 9, 2018 at 3:59 AM, Joseph Tam <jtam.home at gmail.com> wrote:

>
> but i try to this command
>>
>> openssl s_client -connect mail.mydomain:pop3s -starttls imap
>>
>> it says CONNECTED and hang. second command is correct?
>>
>
> Uh, "pop3s" != "imap", and IMAP/STARTTLS is not the same as IMAP/SSL (or
> whatever the hell the terminology is nowadays).
>
> If you're testing IMAP, try one or the other or both depending
> of how many flavours of SSL you got going.
>
>         openssl s_client -starttls imap -connect mail.mydomain:143
>         openssl s_client -connect mail.mydomain:993
>
> Joseph Tam <jtam.home at gmail.com>
>



-- 
Selçuk YAZAR
http://www.selcukyazar.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180109/d077e18f/attachment.html>


More information about the dovecot mailing list