Yuuichi Ikeda (SKLC)
2011-Nov-07 15:12 UTC
[Dovecot] POP3/IMAPv4 CRAM-MD5 Authentication failed.(Re-post)
Hi, I'm Yuuichi Ikeda from Japan User. OS:Solaris 10 9/10 s10x_u9wos_14a X86 Mem:8GB HDD:3TB gcc:gcc (GCC) 4.1.2 gcc-prefix:/unsupported/gcc Dovecot Version:2.0.15 configure:./configure --prefix=/opt/dovecot_2 --sysconfdir=/opt/dovecot_2/conf --mandir=/opt/man --enable-shared --with-mysql --with-zlib --with-sqlite --with-sql=plugin --with-ssldir=/opt/openssl --with-rundir=/var/run --with-libiconv-prefix=/opt/libiconv Dovecot Configuration> # 2.0.15: /opt/dovecot_2/conf/dovecot/dovecot.conf > # OS: SunOS 5.10 i86pc > auth_debug = yes > auth_mechanisms = cram-md5 > auth_ssl_require_client_cert = yes > auth_ssl_username_from_cert = yes > auth_verbose = yes > base_dir = /var/run/dovecot/ > doveadm_worker_count = 10 > log_path = /var/log/dovecot/dovecot.log > login_greeting = ready. > login_trusted_networks = 192.168.1.0/24 > mail_location = maildir:~/Maildir > passdb { > driver = pam > } > passdb { > args = /opt/dovecot_2/conf/dovecot/passwd > driver = passwd-file > } > plugin { > acl = vfile:/opt/dovecot_2/conf/dovecot/global-acls:cache_secs=300 > acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes > } > protocols = imap pop3 > service auth { > executable = /opt/dovecot_2/libexec/dovecot/auth > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > } > service imap-login { > executable = /opt/dovecot_2/libexec/dovecot/rawlog /opt/dovecot_2/libexec/dovecot/imap-login > inet_listener imap { > port = 143 > ssl = no > } > inet_listener imaps { > port = 993 > ssl = yes > } > } > service imap { > executable = /opt/dovecot_2/libexec/dovecot/rawlog /opt/dovecot_2/libexec/dovecot/imap > } > service lmtp { > unix_listener lmtp { > mode = 0666 > } > } > service pop3-login { > executable = /opt/dovecot_2/libexec/dovecot/rawlog /opt/dovecot_2/libexec/dovecot/pop3-login > inet_listener pop3 { > port = 110 > ssl = no > } > inet_listener pop3s { > port = 995 > ssl = yes > } > } > service pop3 { > executable = /opt/dovecot_2/libexec/dovecot/rawlog /opt/dovecot_2/libexec/dovecot/pop3 > } > ssl_ca = </opt/dovecot_2/conf/dovecot/ca-c.pem > ssl_cert = </opt/dovecot_2/conf/dovecot/ns-c.pem > ssl_key = </opt/dovecot_2/conf/dovecot/ns-p.pem > ssl_verify_client_cert = yes > userdb { > args = blocking=yes > driver = passwd > } > protocol imap { > imap_logout_format = bytes=%i/%o > imap_max_line_length = 64 k > mail_max_userip_connections = 10 > mail_plugins > } > protocol lda { > hostname = mailsv.sklc.co.jp > info_log_path = /var/log/dovecot/deliver.log > log_path = /var/log/dovecot/deliver.log > mail_plugins > postmaster_address = postmaster at sklc.co.jp > sendmail_path = /usr/lib/sendmail > } > protocol lmtp { > mail_plugins > } > protocol pop3 { > mail_plugins > pop3_save_uidl = yes > pop3_uidl_format = %v-%u > }If it attests by connecting by POP3 or IMAPv4, the following messages will be displayed and attestation will go wrong.> Nov 07 23:12:40 auth: Debug: auth client connected (pid=20018) > Nov 07 23:12:40 auth: Debug: client in: AUTH 1 CRAM-MD5 service=pop3 secured no-penalty lip=192.168.1.1 rip=192.168.1.110 lport=110 rport=57054 > Nov 07 23:12:40 auth: Info: CRAM-MD5(?,192.168.1.110): Client didn't present valid SSL certificate > Nov 07 23:12:40 auth: Debug: client out: FAIL 1 reason=Client didn't present valid SSL certificate > Nov 07 23:12:40 pop3-login: Info: Aborted login (cert required, client didn't start TLS): method=CRAM-MD5, rip=192.168.1.110, lip=192.168.1.1, secured> Nov 07 23:16:32 auth: Debug: auth client connected (pid=20126) > Nov 07 23:16:32 auth: Debug: client in: AUTH 1 CRAM-MD5 service=imap secured no-penalty lip=192.168.1.1 rip=192.168.1.1 lport=143 rport=58734 > Nov 07 23:16:32 auth: Info: CRAM-MD5(?,192.168.1.1): Client didn't present valid SSL certificate > Nov 07 23:16:32 auth: Debug: client out: FAIL 1 reason=Client didn't present valid SSL certificate > Nov 07 23:16:32 imap-login: Info: Aborted login (cert required, client didn't start TLS): method=CRAM-MD5, rip=192.168.1.1, lip=192.168.1.1, securedWhat will you do and will become like this? If some people know ways of coping, please let me know. ============================================================ Information-system part. Sankei-Koumuten Co.,Ltd. Yuuichi Ikeda Mail:yuichi at sklc.co.jp Tel.+81-3-3623-6474 Fax.+81-3-3623-6475 Our company promotes "Team minus 6 percent" jus, Hatena Joined member. LPIC-2 Certified. =============================================================
Pascal Volk
2011-Nov-07 20:13 UTC
[Dovecot] POP3/IMAPv4 CRAM-MD5 Authentication failed.(Re-post)
On 11/07/2011 04:12 PM Yuuichi Ikeda (SKLC) wrote:> Hi, I'm Yuuichi Ikeda from Japan User. > > > Dovecot Configuration >> ? >> ssl_ca = </opt/dovecot_2/conf/dovecot/ca-c.pem >> ssl_cert = </opt/dovecot_2/conf/dovecot/ns-c.pem >> ssl_key = </opt/dovecot_2/conf/dovecot/ns-p.pem >> ssl_verify_client_cert = yes > ? > If it attests by connecting by POP3 or IMAPv4, the following messages will > be displayed and attestation will go wrong. > >> Nov 07 23:12:40 auth: Info: CRAM-MD5(?,192.168.1.110): Client didn't present valid SSL certificate >> Nov 07 23:12:40 auth: Debug: client out: FAIL 1 reason=Client didn't present valid SSL certificate >> Nov 07 23:12:40 pop3-login: Info: Aborted login (cert required, client didn't start TLS): method=CRAM-MD5, rip=192.168.1.110, lip=192.168.1.1, secured > >> Nov 07 23:16:32 auth: Info: CRAM-MD5(?,192.168.1.1): Client didn't present valid SSL certificate >> Nov 07 23:16:32 auth: Debug: client out: FAIL 1 reason=Client didn't present valid SSL certificate >> Nov 07 23:16:32 imap-login: Info: Aborted login (cert required, client didn't start TLS): method=CRAM-MD5, rip=192.168.1.1, lip=192.168.1.1, secured > > What will you do and will become like this? If some people know ways of > coping, please let me know.Are you sure you want to verify the client's certificate (ssl_verify_client_cert = yes)? If not, just remove this line and try again. Regards, Pascal -- The trapper recommends today: cafebabe.1131121 at localdomain.org
Reasonably Related Threads
- dovecot.conf: mechanisms = plain login cram-md5 | Windows Live Mail: CRAM-MD5 authentication failed. This could (NOT) be due to a lack of memory on your system
- Requested CRAM-MD5 scheme, but we have only MD5-CRYPT
- CRAM-MD5 authentication but plain-md5 password storage.
- CRAM-MD5 HMAC-MD5 password algorithm for PHP
- MD5 to CRAM-MD5 password conversion?