Sorry for the delay -- I had my wedding and a brief
mini-honeymoon to attend to ;)
Sebastian Hagedorn wrote:
-- Jeff Blaine <jblaine@xxxxxxxxxxxx> is rumored to have mumbled on 16.
Januar 2009 10:19:51 -0500 regarding Re: Expire (manually) TLS sessions?:
Outlook 2007 works.
Using a password, that is. I guess you didn't try it with a certificate?
(I assume Outlook supports that, but I'm not sure)
Unfortunately, this is not an option
for us as our users use Thunderbird.
How about Thunderbird using a password for authentication? Is that an
option at all?
I realize this is a little "all over the road" here,
but bear with me as I am just trying to get something
working at this point for our users who are now
without secure IMAP :(
With "TLS" selected in Thunderbird, I am given no
choice but to select a client certificate. See
attached images.
Another user reports that GNU Emacs with the Gnus
client works with SSL and port 993. I've confirmed
this in the log:
Jan 21 11:11:03 imapsrv imaps[14170]: [ID 277583 local6.notice] login:
jimbo-host.our.com [xx.xx.50.67] jimbo plaintext+TLS User logged in
If I configure Thunderbird to do that (SSL via 993),
I get the following:
Jan 21 11:10:19 imapsrv imaps[14104]: [ID 636471 local6.notice] TLS
server engine: cannot load CA data
Jan 21 11:10:19 imapsrv imaps[14104]: [ID 286863 local6.notice]
imapd:Loading hard-coded DH parameters
Jan 21 11:10:19 imapsrv imaps[14104]: [ID 798856 local6.notice] imaps
TLS negotiation failed: myclient.our.com
Jan 21 11:10:19 imapsrv imaps[14104]: [ID 637875 local6.error] Fatal
error: tls_start_servertls() failed
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
