Am Mittwoch, den 19.02.2014, 01:16 +0100 schrieb Marcus Schopen: > Hi, > > how do I figure out if master and replica are talking via TLS? Certs are > installed on both servers. Telnet on the replica shows: > > ------------ > ~# telnet replica 2005 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > * SASL DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN > * STARTTLS > * COMPRESS DEFLATE > * OK tripp Cyrus sync server v2.4.12-Debian-2.4.12-2 > ------------ > > When starting the master, login and replication is working, but it seems > not working on TLS: > > Feb 19 01:11:24 replica cyrus/syncserver[22175]: accepted connection > Feb 19 01:11:24 replica cyrus/syncserver[22175]: cmdloop(): startup > Feb 19 01:11:24 replica cyrus/syncserver[22175]: login: server [xxx] > syncuser DIGEST-MD5 User logged in Certificates seems to be fine. A synctest from the master to the replica (= server) looks like this: synctest -a syncadmin -u syncamdin -t '' server ----------- Feb 19 02:23:57 tripp cyrus/master[22549]: about to exec /usr/lib/cyrus/bin/sync_server Feb 19 02:23:57 tripp cyrus/syncserver[22549]: executed Feb 19 02:23:57 tripp cyrus/syncserver[22549]: accepted connection Feb 19 02:23:57 tripp cyrus/syncserver[22549]: cmdloop(): startup Feb 19 02:23:57 tripp cyrus/syncserver[22549]: imapd:Loading hard-coded DH parameters Feb 19 02:23:57 tripp cyrus/syncserver[22549]: SSL_accept() incomplete -> wait Feb 19 02:23:57 tripp cyrus/syncserver[22549]: SSL_accept() succeeded -> done Feb 19 02:23:57 tripp cyrus/syncserver[22549]: starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication Feb 19 02:23:59 tripp cyrus/syncserver[22549]: login: server [xxx] syncamdin DIGEST-MD5+TLS User logged in ----------- Restarting Cyrus on the master comes up with this login without TLS on the replica: ----------- Feb 19 02:24:55 tripp cyrus/syncserver[22549]: accepted connection Feb 19 02:24:55 tripp cyrus/syncserver[22549]: cmdloop(): startup Feb 19 02:24:55 tripp cyrus/syncserver[22549]: login: server [xxx] syncadmin DIGEST-MD5 User logged in ----------- Ciao! ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus