command-line sieve client that supports TLS

Goetz Babin-Ebell goetz at shomitefo.de
Wed Nov 15 06:36:07 EST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

fgang Hennerbichler schrieb:
> On 15.11.2006, at 00:59, Phil Pennock wrote:
> 
>> I'm open to more feature requests.
> 
> Well, here is one.
> For self-signed certificates I get the error
> STARTTLS promotion failed: SSL connect attempt failed with unknown
> errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
> verify failed
> 
> it would be great to add a --noverify option for TLS, for self-signed
> certificates.

could you test the following change:

my %ssl_options = (
        SSL_version     => 'TLSv1',
        SSL_cipher_list => 'ALL:!NULL:!LOW:!EXP:!ADH:@STRENGTH',
        SSL_verify_mode => 0x01,
        SSL_ca_path     => '/etc/ssl/certs',
        SSL_ca_file     => '</path/to/self/signed/server/cert.pem>',
);

(with slightly modified SSL_ca_file parameter ;-) )

Bye

Goetz

- --
DMCA: The greed of the few outweighs the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFWvun2iGqZUF3qPYRAiUbAJ9ZslRWww6+tuipmdCLm3RAoUW6XQCfRTdi
wi0znXml+CSqOLMXmrsszXA=
=W4kK
-----END PGP SIGNATURE-----


More information about the Info-cyrus mailing list