Joseph Silverman
2005-12-01 00:59:22 UTC
We are trying to migrate from uw-imap to cyrus-imap.
In the process, in order to test things, I have started cyrus-imap
with services for imap on port 1431, for imaps on port 9931.
I can create an account on mail.app that talks to port 1431 just fine
- no problems, it just works.
When I create an account on mail.app with ssl set and port 9931, it
fails to connect.
Connecting to uw-imap on the same server (at port 993 of course)
works without a hitch.
Of note:
1) I have "real" certificates (thawte) - I configured /etc/imapd.conf
with the key and crt file, no ca file.
2) I get a note in my log from cyrus imap saying that it couldn't
load the ca file, I guess this is ok, no idea.
3) One interesting note is that:
telnet MAILHOST 993
enter a few times
disconnects me with no message, Whereas
telnet MAILHOST 9931
enter a few times
disconnects me with * BYE Fatal error: tls_start_servertls() failed
4) imtest connects correctly, with some odd messages:
imtest -p 9931 -s MAILHOST
verify error:num=20:unable to get local issuer certificate
verify error:num=27:certificate not trusted
verify error:num=21:unable to verify the first certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
S: * OK MAILHOST Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-1.1.fc3 server
ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
AUTH=LOGIN AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE LOGIN
S: + VXNlcm5hbWU6
Please enter your password:
Any idea how to fix this?
Thanks - Yossie
In the process, in order to test things, I have started cyrus-imap
with services for imap on port 1431, for imaps on port 9931.
I can create an account on mail.app that talks to port 1431 just fine
- no problems, it just works.
When I create an account on mail.app with ssl set and port 9931, it
fails to connect.
Connecting to uw-imap on the same server (at port 993 of course)
works without a hitch.
Of note:
1) I have "real" certificates (thawte) - I configured /etc/imapd.conf
with the key and crt file, no ca file.
2) I get a note in my log from cyrus imap saying that it couldn't
load the ca file, I guess this is ok, no idea.
3) One interesting note is that:
telnet MAILHOST 993
enter a few times
disconnects me with no message, Whereas
telnet MAILHOST 9931
enter a few times
disconnects me with * BYE Fatal error: tls_start_servertls() failed
4) imtest connects correctly, with some odd messages:
imtest -p 9931 -s MAILHOST
verify error:num=20:unable to get local issuer certificate
verify error:num=27:certificate not trusted
verify error:num=21:unable to verify the first certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
S: * OK MAILHOST Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-1.1.fc3 server
ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
AUTH=LOGIN AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE LOGIN
S: + VXNlcm5hbWU6
Please enter your password:
Any idea how to fix this?
Thanks - Yossie