On 12/03/13 14:29 +0200, Stefan Gofferje wrote: >Hi, > >I have a Cyrus IMAP and Postfix running. Some time ago, I configured >them for TLS and recently, I started to use also Thunderbird on those >and Thunderbird is asking me on startup which certificate to use for >identification for IMAP. Is there a way to tell Cyrus to *not* request >the client certificates at all? > >Config attached. >rfc_ignore_8bit: on >configdirectory: /var/lib/imap >#artition-default: /var/spool/imap >partition-default: /server/imap >sievedir: /var/lib/sieve >admins: cyrus nobody >lmtp_admins: cyrus nobody >allowanonymouslogin: no >autocreatequota: 10000 >#reject8bit: no >quotawarn: 90 >timeout: 30 >poptimeout: 10 >dracinterval: 0 >drachost: localhost >sasl_pwcheck_method: auxprop >auxprop_plugin: sasldb >postuser: shared >allowplaintext: yes > >lmtp_overquota_perm_failure: no >lmtpsocket: /var/spool/postfix/public/lmtp ># ># if you want TLS, you have to generate certificates and keys ># >tls_cert_file: /etc/apache2/x.x.x.pem >tls_key_file: /etc/apache2/x.x.x.pem >tls_ca_file: /etc/apache2/ca-certs.pem >#tls_ca_path: /usr/ssl/CA >tls_require_cert: false >tls_imap_require_cert: false >tls_pop3_require_cert: false >tls_lmtp_require_cert: false >tls_sieve_require_cert: false What log entries do you see during TLS authentication? Verify that this is a server side problem with imtest. -- Dan White ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
