Getting cyradm to work over SSL

Philip Prindeville philipp_subx at redfish-solutions.com
Fri Jun 5 12:56:13 EDT 2015



On 06/05/2015 07:50 AM, Dan White wrote:
> On 06/04/15 14:23 -0600, Philip Prindeville wrote:
>> I'm running cyrus 2.4.17 on Fedora 21 (with cyrus-sasl 2.1.26).
>>
>> I'm trying to write some test automation, but can only get it to work 
>> with IMAP, not IMAP/SSL.
>>
>> If I run:
>>
>> % cyradm --user cyrus --port 143 --auth login --notls localhost
>>
>> that works fine (though oddly it complains about a self-signed 
>> cert).  I've created a user "cyrus" using:
>>
>> saslpasswd -c -u mail cyrus
>>
>> and that authenticates fine.
>>
>> If I run:
>>
>> % cyradm --user --port 993 --auth login localhost
>
> Assuming that you are not using client certs, try adding:
>
> --tlskey ""
>
> to your command.

No, then I just get:

TLS disabled.
cyradm: cannot authenticate to server with login as cyrus

and an exit code of 255.


>
>> however, it silently fails to authenticate with exit code 141.
>>
>> The relevant part of my config file looks like:
>>
>> admins: cyrus
>> sievedir: /var/lib/imap/sieve
>> sendmail: /usr/sbin/sendmail
>> hashimapspool: true
>> # sasl_pwcheck_method: saslauthd
>> sasl_pwcheck_method: auxprop
>> # sasl_mech_list: PLAIN LOGIN
>> sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
>> allowplaintext: no
>> defaultdomain: mail
>>
>> Why does cyradm work with clear IMAP but fail with IMAP/S?
>
> imtest is another option for automation.



More information about the Cyrus-devel mailing list