Expire (manually) TLS sessions?
Jeff Blaine
jblaine at kickflop.net
Fri Jan 16 07:48:18 EST 2009
More info after increasing local6.info to local6.debug for
syslog:
accepted connection
imapd:Loading hard-coded DH parameters
SSL_accept() incomplete -> wait
decryption failed or bad record mac in SSL_accept() -> fail
STARTTLS negotiation failed: bva-172.our.com
Our TLS all worked fine before the upgrade :(
Jeff Blaine wrote:
> Sebastian Hagedorn wrote:
>> --On 16. Januar 2009 06:58:06 -0500 Jeff Blaine <jblaine at kickflop.net>
>> wrote:
>>> Hmm. That's not working for me.
>>>
>>> bash-2.05# pwd
>>> /var/imap
>>> # rm tls_sessions.db
>>> # /etc/init.d/imap start
>>> #
>>>
>>> Jan 16 06:54:36 imapsrv imap[20300]: [ID 286863 local6.notice]
>>> imapd:Loading hard-coded DH parameters
>>> Jan 16 06:54:36 imapsrv imap[20300]: [ID 239158 local6.notice] STARTTLS
>>> negotiation failed: bva-172.our.com
>>>
>>> bash-2.05# pwd
>>> /var/imap
>>> bash-2.05# ls -l tls*
>>> tls*: No such file or directory
>>> bash-2.05#
>> Strange. I know for a fact that it has worked for us in the past. I
>> can't verify that easily right now, because I don't currently have a
>> test set-up. What happens if you touch the file prior to starting imap?
>
> I tried that first: cp /dev/null tls_sessions.db
>
> Same situation :(
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
More information about the Info-cyrus
mailing list