cyrus and ssl

Wed Jan 14 08:12:02 EST 2004

:

> Troy McKinnon wrote:
> > This is most likely a ssl configuration issue but I would really
> appreciate
> > any help on this.
> > 
> > I followed the setup as per "  luc's  " how to on postfix-cyrus
> > 
> > netstat shows me that my server is running:
> > 
> > tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:2401            0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:15              0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN
> > tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
> > tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
> > tcp        0      0 127.0.0.1:8005          :::*                    LISTEN
> > tcp        0      0 :::8009                 :::*                    LISTEN
> > tcp        0      0 :::8080                 :::*                    LISTEN
> > tcp        0      0 :::53                   :::*                    LISTEN
> > tcp        0      0 :::22                   :::*                    LISTEN
> > 
> > 
> > when I connect to the server via OULOOK express and ssl encrypt it says it
> > is an untrusted domain, and if I want to download the cert.
> > (I created my own cert as per howto)... and once downloaded I get
> connection
> > refused error.
> -have you tried another client (e.g. Thunderbird 
> (http://www.mozilla.org/) and are you getting the same error(s)?
> 
> - have a look at your logfiles (what kind of errors are listed there?)
> 
> - what exactly does outlook express tell you? Does it provide an 
> errorcode (like 800ccc0e or similar)?
> 
> - to solve your problem with the untrusted certificate: either you let 
> your certificate sign by an existing certificate authority (eg versigin) 
> - or you set up your own certificate authoritiy and sign your own 
> certificates (thats the cheaper way :-), but you then have to install 
> the ca-certificate on your system since it isn't built by microsoft ;-)
> How to do that: look at the "SSL Certificates HOWTO" (google will find 
> it ;-)
> > 
> > Regular IMAP or POP3 works fine but I would like to disable that for ssl.
> > 
> > Any ideas what I have done wrong?
> > 
> > Thanks
> > 
> > Troy
> > 
> > 
> regards
> 
> chris
> 
> 
This is a pretty good site - how to set up and install CA and Client
certificates:

http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x160.html