Since I upgraded to 2.3.11, It's seems i've got the same problem. I can use TLS via SSL via imaps on port 993 when i disable the tls_ca_file : imaps[45635]: TLS server engine: cannot load CA data Jan 2 17:34:47 imaptest imaps[45635]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits reused) no authentication Jan 2 17:34:47 imaptest imaps[45635]: login: [x.x.x.x] toto2 plain+TLS User logged in but I can't connect to TLS via imapd on port 143 : TLS server engine: cannot load CA data Jan 2 17:35:37 imaptest imap[45653]: TLS server engine: No CA file specified. Client side certs may not work Jan 2 17:35:37 imaptest imap[45653]: STARTTLS negotiation failed: [ x.x.x.x ] I use client certificate.
Not in the first example. "plain+TLS" means that a password was used. So does logging in via TLS on port 143 work if you use a password instead of a certificate? It's possible that authenticating with a certificate was broken with the changes from 2.3.10 to 2.3.11.
What can i do to solve it?
Revert to 2.3.10?If you want to help find out what's going in, please increase logging for Cyrus to the debug level (in syslog.conf). That should show much more detailed logging.
-- Sebastian Hagedorn - RZKR-R1 (Flachbau), Zi. 18, Robert-Koch-Str. 10 Zentrum für angewandte Informatik - Universitätsweiter Service RRZK Universität zu Köln / Cologne University - Tel. +49-221-478-5587
Attachment:
pgp10XPEiBBKE.pgp
Description: PGP signature
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
