Richard wrote:
hi,
SSL certs & TLS usage are fine/good on my system with other mail apps,
but, so far, w/ cyrus-latest, no luck.
after a successful server build/install/launch, an (simple?) attempt to
check TLS function w/:
% imtest -v \
-t "/var/CERTS/mail.testdomain.com.CYRUSkey.rsa.pem" \
Are you sure that the file above is a x.509 valid certificate and not
it's private key ?
-p imap \
-m digest-md5 \
-a testuser.admin@xxxxxxxxxxxxxxxxxxx \
-u testuser.admin@xxxxxxxxxxxxxxxxxxx \
-r mail.testdomain.com \
mail.testdomain.com
TLS works fine for me:
imtest -t '' -a ME@server -m DIGEST-MD5 localhost
S: * OK mail.server Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
STARTTLS AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=NTLM SASL-IR X-NETSCAPE
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=19:self signed certificate in certificate chain
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=LOGIN AUTH=NTLM SASL-IR X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE DIGEST-MD5
and so on..
so you can be sure that it works, it must be something that you
overlooked, simply try and connect with a imap client directly.
mitu
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
