Upgrade Notes from Kolab 3.3 to 3.4

kolab_mailing_list at evenat.eu kolab_mailing_list at evenat.eu
Wed Mar 11 12:25:57 CET 2015


 

Hello Daniel, 

thank you for the answers. 

1) On my server if I change tls_ca_dir to tls_server_ca_file I get
certificate problem on my IMAP client (K-9 mail on android) 

but with tls_client_ca_file it is working well as with tls_ca_dir... 

So maybe my certificate files are not well built. 

Best regards 

Gaël 

Le 10/03/2015 00:48, Daniel Hoffend a écrit : 

> Hello Gaël
> 
> Thanks for the feedback and regarding updates/changes to the documentation. Feel free to fork and modifiy our kolab documention on github and send us back a Merge Request.
> 
> https://github.com/kolab-groupware/kolab-docs [4]
> 
> 1) tls_ca_dir
> 
> I wrote the upgrade guide, but tbh, both paramters tls_server_ca_dir and tls_client_ca_dir are rarely used. But the client one is more wrong the the server one. Here's why:
> 
> If you read the cyrus documention (which gets better every day), you'll see that tls_client_ca_dir is used for authenticating clients that are using customized issued certificates. I don't know about any "Kolab" users who're using client certificates for authentication). tls_server_ca_dir is used to verify the ssl certificate of other imap servers (which should apply in a murder/replication setup, afaik).
> 
> I'll leave it in the docs as it is. It's more likely that you verify the ssl certificate of your replication/murder servers compared to verification of your client issued certificates.
> 
> 2) upgrade notes about restarting services
> 
> I've added a note to the git repository to make it more clear. It will be on the docs mainpage at a later point (when someone pushes the button).
> 
> [master 3f915f1] adding note about restart python daemons
> 1 file changed, 13 insertions(+), 2 deletions(-⁠)
> 
> -⁠-⁠
> Regards
> Daniel Hoffend
> 
> -⁠-⁠-⁠-⁠-⁠-⁠ Originalnachricht -⁠-⁠-⁠-⁠-⁠-⁠
> Von: kolab_mailing_list at evenat.eu
> An: users at lists.kolab.org
> Gesendet: 09.03.2015 18:33:20
> Betreff: Upgrade Notes from Kolab 3.3 to 3.4
> 
>> Hello,
>> 
>> I don't know how I should contact, but on web page "Upgrade Notes from Kolab 3.3 to 3.4" (https://docs.kolab.org/administrator-guide/upgrading-from-kolab-3.3-to-3.4.html#etc-imapd-conf [1])
>> 
>> I think there is an error:
>> 
>> it should be
>> 
>> tls_ca_file -⁠-⁠> tls_client_ca_dir
>> instead of tls_ca_file -⁠-⁠> tls_server_ca_file
>> 
>> See: https://docs.cyrus.foundation/imap/release-notes/2.5-current.html#option-name-changes-for-tls [2]
>> 
>> + I would suggest to state more clearly that wallace service should be restarted with "service wallace restart" even if we don't use "wallace for resource management". I've been stuck not being able to send & receive mails until I manually restart wallace service (server restart didn't solve the issue)
>> 
>> (in https://docs.kolab.org/administrator-guide/upgrading-from-kolab-3.3-to-3.4.html#etc-kolab-kolab-conf [3])
>> 
>> Regards
>> 
>> Gaël

 

Links:
------
[1]
https://docs.kolab.org/administrator-guide/upgrading-from-kolab-3.3-to-3.4.html#etc-imapd-conf
[2]
https://docs.cyrus.foundation/imap/release-notes/2.5-current.html#option-name-changes-for-tls
[3]
https://docs.kolab.org/administrator-guide/upgrading-from-kolab-3.3-to-3.4.html#etc-kolab-kolab-conf
[4] https://github.com/kolab-groupware/kolab-docs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/users/attachments/20150311/eac738a5/attachment.html>


More information about the users mailing list