Self signed certificate

Alain Spineux aspineux at gmail.com
Tue May 27 18:48:15 CEST 2008 

On Tue, May 27, 2008 at 5:25 PM, Helga Mayer
<Helga.Mayer at uni-hohenheim.de> wrote:
>
> Hello,
>
> I'm sure this has been discussed before, but I did not find a suitable
> answer.
> I'm running Kolab Server 2.2 Release Candidate 2
>
> I've a self signed certificate for testing.
> When I use 'openssl s_client -connect mailbox1.rz.uni-hohenheim.de:993'
> I get:
> CONNECTED(00000003)
> depth=0 /C=de/ST=Baden-Wuerttemberg/L=Stuttgart/O=University of
> Hohenheim/OU=Computing
> Center/CN=mailbox1.rz.uni-hohenheim.de/emailAddress=rz-mail at uni-hohenheim.de
> verify error:num=18:self signed certificate
> verify return:1
> depth=0 /C=de/ST=Baden-Wuerttemberg/L=Stuttgart/O=University of
> Hohenheim/OU=Computing
> Center/CN=mailbox1.rz.uni-hohenheim.de/emailAddress=rz-mail at uni-hohenheim.de
> verify return:1
> ---
> Certificate chain
>  0 s:/C=de/ST=Baden-Wuerttemberg/L=Stuttgart/O=University of
> Hohenheim/OU=Computing
> Center/CN=mailbox1.rz.uni-hohenheim.de/emailAddress=rz-mail at uni-hohenheim.de
> i:/C=de/ST=Baden-Wuerttemberg/L=Stuttgart/O=University of
> Hohenheim/OU=Computing
> Center/CN=mailbox1.rz.uni-hohenheim.de/emailAddress=rz-mail at uni-hohenheim.de---
> Server certificate
> -----BEGIN CERTIFICATE-----
> .......
> -----END CERTIFICATE-----
> subject=/C=de/ST=Baden-Wuerttemberg/L=Stuttgart/O=University of
> Hohenheim/OU=Computing
> Center/CN=mailbox1.rz.uni-hohenheim.de/emailAddress=rz-mail at uni-hohenheim.de
> issuer=/C=de/ST=Baden-Wuerttemberg/L=Stuttgart/O=University of
> Hohenheim/OU=Computing
> Center/CN=mailbox1.rz.uni-hohenheim.de/emailAddress=rz-mail at uni-hohenheim.de
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 1669 bytes and written 331 bytes
> ---
> New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
> Server public key is 1024 bit
> Compression: NONE
> Expansion: NONE
> SSL-Session:
>     Protocol  : TLSv1
>     Cipher    : DHE-RSA-AES256-SHA
>     Session-ID:
> DB9D792764710EDCCA9D4712B0562B4C1F5ED4CC690DF9E5C4FCBE2D8AF0765F
> Session-ID-ctx:
>     Master-Key:
> FEB49D01EEFACF4F361A399291FB45C31A8D2C6D93D6CD68C4E08696ED562A9344DA32AC3F058EA88C3CBA5D163C8534
>     Key-Arg   : None
>     Krb5 Principal: None
>     Start Time: 1211900892
>     Timeout   : 300 (sec)
>     Verify return code: 18 (self signed certificate)
> ---
> * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN SASL-IR]
> mailbox1.rz.uni-hohenheim.de Cyrus IMAP4 v2.3.11-openpkg server ready
>
> But when I try to connect to imap
> using 'telnet mailbox1.rz.uni-hohenheim.de 993'
>
> I get:
> BYE Fatal error: tls_start_servertls() failed

993 is the "secured" port for IMAP protocol and expect the traffic to
be encrypted !
Here Imap complains about telnet not doing any ecryption ! This is an
expected result for me.

What do you expect ?


>
> connect to port 143 works.
>
> Any help is appreciated.
>
> Regards
> Helga Mayer
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
Alain Spineux
aspineux gmail com
May the sources be with you

More information about the users mailing list