I am having a weirdness in my cyrus installation. I am getting messages
in the logs:
Jul 22 08:41:59 ella cyrus/imaps[29387]: Fatal error:
tls_start_servertls() failed
Weirdly, this does not seem to actually affect performance, so maybe I
shouldn't even be worrying about this. But, I did try to do some
troubleshooting. I used imtest and found this:
ella:~# imtest -m plain -u cyrus -a cyrus -s localhost
verify error:num=19:self signed certificate in certificate chain
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
S: * OK ella Cyrus IMAP4 v2.2.13-Debian-2.2.13-14+lenny4 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN
AUTH=LOGIN SASL-IR
S: C01 OK Completed
Please enter your password:
C: A01 AUTHENTICATE PLAIN Y3lydXMAY3lydXMAa2FwcGE=
S: A01 NO authentication failure
Authentication failed. generic failure
Security strength factor: 256
^C^CC: Q01 LOGOUT
Connection closed.
This appears to be a username/password problem, rather than an
installation problem, since things work fine for postmaster:
ella:~# imtest -m plain -u postmaster -a postmaster -s localhost
SASLPASSWD2(8)
verify error:num=19:self signed certificate in certificate chain
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
S: * OK ella Cyrus IMAP4 v2.2.13-Debian-2.2.13-14+lenny4 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN
AUTH=LOGIN SASL-IR
S: C01 OK Completed
Please enter your password:
C: A01 AUTHENTICATE PLAIN cG9zdG1hc3RlcgBwb3N0bWFzdGVyAGthcHBh
S: A01 OK Success (tls protection)
Authenticated.
Security strength factor: 256
^CC: Q01 LOGOUT
Connection closed.
So I did a check of users, and thought I had figured out the problem.
cyrus was tied to an old hostname:
ella:~# sasldblistusers2
postmaster@ella: userPassword
cyrus@montoya: userPassword
But, when I created cyrus@ella, and deleted cyrus@montoya using
saslpasswd2, this did not solve the problem. Both are listed in
imapd.conf as admins. Any ideas about what could be going on? I have a
memory that I am not using imaps port, but instead using a secure
connection over the imap port, but the error message still bugs me, and
I would like to get to the bottom of it. I'm afraid that with that last
sentence it becomes obvious I haven't looked at this in a while, and
have probably forgotten some key points about cyrus configuration. Some
hints about where to go hunting would be most appreciated.
thanks,
maria
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
