On Thu, Nov 01, 2007 at 11:13:41AM +0100, Sven Vogel wrote:
i resend this message. maybe anyone can help me.
i have the following Problem. I use Courier-Imap 4.0.6 and Perdition
1.17 and Openssl 0.9.8e-r3
I want to connect with TLS1. i get the following Error in my
mail.log.
...
perdition[21437]: SELF: "flim08 STARTTLSrn"
perdition[21437]: REAL: "flim08 OK Begin SSL/TLS negotiation
now.rn"
imapd: couriertls: connect: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number
...
In my perdition.conf i set ssl_mode to tls_all. i set my courier to
a another port 144 and pertition works on 143.
i dont know do i have error in reasoning or do i have a problem with
my openssl.
when its correct so i can use Courier IMAP with port 143(for xample
144) with STARTTLS and SSL on Port 993. The problem is i have two
configurations files. One /etc/courier-imap/imapd (Port 143) and
/etc/courier-imap/imapd-ssl (Port 993). If i understand it correct so
i normally have no (TLS/SSL) on port 143 only on port 993. But courier
uses STARTTLS on port 143. I dont know maybe i have to use only
plaintext login. Maybe there should not STARTTLS on port 143.
for port 993 i used ssl_mode ssl_all and setup my ssl_ca_file and my
ssl_cert_file. its a self signed certificate from my own certificate
authority. i dont know but i should comment out
ssl_cert_accept_self_signed.
i also dont get it run with 993. do i have forgotten something?
maybe i should only use 993 with certificates but i dont see the
problem at the moment. (i set my courier for listening to port 994)
i hope anyone can give me some tips.
Perdition doesn't really have a facility to speficy that TLS1 should
be used instead of SSL3. This is clearly a deficiency that wants fixing.
--
Horms
H:
http://www.vergenet.net/~horms/
W:
http://www.valinux.co.jp/en/