cyrus imapd ssl against mac osx mail.app

Joseph Silverman yossie at laszlosystems.com
Wed Nov 30 19:59:22 EST 2005


We are trying to migrate from uw-imap to cyrus-imap.

In the process, in order to test things, I have started cyrus-imap  
with services for imap on port 1431, for imaps on port 9931.

I can create an account on mail.app that talks to port 1431 just fine  
- no problems, it just works.

When I create an account on mail.app with ssl set and port 9931, it  
fails to connect.

Connecting to uw-imap on the same server (at port 993 of course)  
works without a hitch.

Of note:

1) I have "real" certificates (thawte) - I configured /etc/imapd.conf  
with the key and crt file, no ca file.

2) I get a note in my log from cyrus imap saying that it couldn't  
load the ca file, I guess this is ok, no idea.

3) One interesting note is that:

	telnet MAILHOST 993
	enter a few times

disconnects me with no message, Whereas

	telnet MAILHOST 9931
	enter a few times

disconnects me with * BYE Fatal error: tls_start_servertls() failed

4) imtest connects correctly, with some odd messages:

imtest -p 9931 -s MAILHOST
verify error:num=20:unable to get local issuer certificate
verify error:num=27:certificate not trusted
verify error:num=21:unable to verify the first certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
S: * OK MAILHOST Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-1.1.fc3 server  
ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS  
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND  
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE  
AUTH=LOGIN AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE LOGIN
S: + VXNlcm5hbWU6
Please enter your password:

Any idea how to fix this?

Thanks - Yossie



More information about the Info-cyrus mailing list