TLS changes in 2.4.x

I just upgraded from 2.3.x to 2.4.13 using Simon Matter's RPMs. The
upgrade is going as expected from all of the comments on the list with
one big exception. I'm wondering how TLS has changed from the 2.3
series. I have 2 different Postfix systems trying to connect (using
LMTP) to one Cyrus-IMAP mailstore. Both Postfix systems were able to
STARTTLS during LMTP to the Cyrus-IMAP mailstore before the upgrade.
Only one (the first one that connects) is able to do so after the
upgrade.

I've actually set this up with virtual machines so I could test and
rollback to see what was going on. I upgraded a test Cyrus-IMAP
server, and, again, only the first Postfix server to connect could do
so successfully. I've also verified the results using lmtptest, which
hangs with the errant server.

The only thing I can imagine might be causing the problem is that I'm
using the same wildcard certificate (3rd party signed) for each
Postfix machine trying to connect to the Cyrus-IMAP mailstore, which
also uses the same certificate (all in the same domain). I notice that
there is a note in the change logs regarding TLS session reuse. Could
this TLS caching be the problem?

Steve
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/

