Hmm. That's not working for me. bash-2.05# pwd /var/imap # rm tls_sessions.db # /etc/init.d/imap start # Jan 16 06:54:36 imapsrv imap[20300]: [ID 286863 local6.notice] imapd:Loading hard-coded DH parameters Jan 16 06:54:36 imapsrv imap[20300]: [ID 239158 local6.notice] STARTTLS negotiation failed: bva-172.our.com bash-2.05# pwd /var/imap bash-2.05# ls -l tls* tls*: No such file or directory bash-2.05# Sebastian Hagedorn wrote: > Hello Jeff, > > --On 16. Januar 2009 06:38:27 -0500 Jeff Blaine <jblaine@xxxxxxxxxxxx> > wrote: > >> Maybe we're doing something wrong in the process, but it >> seems that every time we perform offline maintenance >> (upgrade, whatever) on Cyrus IMAPd ... our users complain >> that TLS breaks afterward, but then fixes itself in time. >> >> I've demonstrated this to myself just now with the upgrade >> to 2.3.13 from 2.2.12. My TLS session is cached but broken >> with the new setup (or for whatever other reason). That is, >> even after restarting Thunderbird, I get the following: >> >> Jan 16 06:31:50 imapsrv imap[19690]: [ID 239158 local6.notice] STARTTLS >> negotiation failed: bva-172.our.com >> >> Is there a way to zero/flush all TLS cached sessions? I >> have to imagine there is, but I don't know how. > > as before: just delete the tls_sessions files before you start > cyrus-imapd. They will be recreated automatically. You could even make > that part of the initscript, because those session don't survive a > restart anyway. ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
