Expire (manually) TLS sessions?

Sebastian Hagedorn Hagedorn at uni-koeln.de
Fri Jan 16 09:50:43 EST 2009


--On 16. Januar 2009 09:43:02 -0500 Jeff Blaine <jblaine at kickflop.net> 
wrote:

> A new cert did not solve the problem:
>
> Jan 16 09:41:30 imapsrv imap[12264]: [ID 921384 local6.debug] accepted
> connection
> Jan 16 09:41:30 imapsrv imap[12264]: [ID 192010 local6.debug] wrong
> version number in SSL_accept() -> fail

But it results in a different error message.

> Jan 16 09:41:30 imapsrv imap[12264]: [ID 239158 local6.notice] STARTTLS
> negotiation failed: bva-172.our.com

That reminds me of something. Try removing this line from your config:

tls_ca_file:    /var/imap/ca.crt

Also, try using different clients. IIRC, there is an issue specifically 
with Thunderbird and that setting. I don't remember the details, but you 
should be able to find them in the archives.
-- 
     .:.Sebastian Hagedorn - RZKR-R1 (Gebäude 52), Zimmer 18.:.
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
.:.Universität zu Köln / Cologne University - ✆ +49-221-478-5587.:.
                   .:.:.:.Skype: shagedorn.:.:.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20090116/6f495448/attachment.bin 


More information about the Info-cyrus mailing list