Morning everyone, On the 8th of Jan the TLS/SSL certificate I use with Dovecot expired. I replaced it with a new on the 9th of Jan. I tested this with Thunderbird and all is well. This morning people tell me they cannot get their email using their mobile telephones : K9 Mail I have reverted the SSL cert back to the old one just in case. Thunderbird will works. Dovecot 1:1.2.15-7 running on Debian 6 The messages in the logs are: Jan 9 10:11:37 logout dovecot: imap-login: Disconnected (no auth attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected Jan 9 10:11:38 logout dovecot: imap-login: Disconnected (no auth attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected In dovecot.conf I have this set : disable_plaintext_auth = no And the auth default mechanisms are set to: mechanisms = plain login What is strange is the only item that changed is the SSL cert, which has since been changed back to the old one (which has expired... ^^). Any ideas where I may look or change? Regards, S
Robert Schetterer
2012-Jan-09 09:27 UTC
[Dovecot] dovecot: imap-login: Disconnected (no auth attempts)
Am 09.01.2012 10:16, schrieb J4K:> Morning everyone, > > On the 8th of Jan the TLS/SSL certificate I use with Dovecot expired. I > replaced it with a new on the 9th of Jan. I tested this with > Thunderbird and all is well. > > This morning people tell me they cannot get their email using their > mobile telephones : K9 Mail > > I have reverted the SSL cert back to the old one just in case. > Thunderbird will works. > > > Dovecot 1:1.2.15-7 running on Debian 6 > > The messages in the logs are: > > Jan 9 10:11:37 logout dovecot: imap-login: Disconnected (no auth > attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected > Jan 9 10:11:38 logout dovecot: imap-login: Disconnected (no auth > attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected > > In dovecot.conf I have this set : > > disable_plaintext_auth = no > > And the auth default mechanisms are set to: > mechanisms = plain login > > What is strange is the only item that changed is the SSL cert, which has > since been changed back to the old one (which has expired... ^^). > > Any ideas where I may look or change? > > Regards, Sif you only changed the crt etc, and youre sure you did everything right perhaps you have forgot adding a needed intermediate cert ? read here http://www.trustico.co.uk/install/how-to-install-ssl-certificate.php Required Intermediate Certificates (CA Certificates) To successfully install your SSL Certificate you may be required to install an Intermediate CA Certificate. Please review the above installation instructions carefully to determine if an Intermediate CA Certificate is required, how to obtain it and correctly import it into your system. For more information please Contact Us. Alternatively, and for systems not covered by the above installation instructions, please use our Intermediate Certificate Wizard to find the correct CA Certificate or Root Bundle that is required for your SSL Certificate to function correctly. Find Out More Information -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
On 09/01/12 10:27, Robert Schetterer wrote:> Am 09.01.2012 10:16, schrieb J4K: >> Morning everyone, >> >> On the 8th of Jan the TLS/SSL certificate I use with Dovecot expired. I >> replaced it with a new on the 9th of Jan. I tested this with >> Thunderbird and all is well. >> >> This morning people tell me they cannot get their email using their >> mobile telephones : K9 Mail >> >> I have reverted the SSL cert back to the old one just in case. >> Thunderbird will works. >> >> >> Dovecot 1:1.2.15-7 running on Debian 6 >> >> The messages in the logs are: >> >> Jan 9 10:11:37 logout dovecot: imap-login: Disconnected (no auth >> attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected >> Jan 9 10:11:38 logout dovecot: imap-login: Disconnected (no auth >> attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected >> >> In dovecot.conf I have this set : >> >> disable_plaintext_auth = no >> >> And the auth default mechanisms are set to: >> mechanisms = plain login >> >> What is strange is the only item that changed is the SSL cert, which has >> since been changed back to the old one (which has expired... ^^). >> >> Any ideas where I may look or change? >> >> Regards, S > if you only changed the crt etc, and youre sure you did everything right > > perhaps you have forgot adding a needed intermediate cert ? > > read here > http://www.trustico.co.uk/install/how-to-install-ssl-certificate.php > > Required Intermediate Certificates (CA Certificates) > > To successfully install your SSL Certificate you may be required to > install an Intermediate CA Certificate. Please review the above > installation instructions carefully to determine if an Intermediate CA > Certificate is required, how to obtain it and correctly import it into > your system. For more information please Contact Us. > Alternatively, and for systems not covered by the above installation > instructions, please use our Intermediate Certificate Wizard to find the > correct CA Certificate or Root Bundle that is required for your SSL > Certificate to function correctly. Find Out More InformationYou may have some email problems with the mobile phone because of the certificates. Thunderbird and webmail are fine. You have only to access its complaint about a unknown certificate. I am working on the certificate problem.
Robert Schetterer
2012-Jan-09 09:41 UTC
[Dovecot] dovecot: imap-login: Disconnected (no auth attempts)
Am 09.01.2012 10:37, schrieb Simon Loewenthal:> On 09/01/12 10:27, Robert Schetterer wrote: >> Am 09.01.2012 10:16, schrieb J4K: >>> Morning everyone, >>> >>> On the 8th of Jan the TLS/SSL certificate I use with Dovecot expired. I >>> replaced it with a new on the 9th of Jan. I tested this with >>> Thunderbird and all is well. >>> >>> This morning people tell me they cannot get their email using their >>> mobile telephones : K9 Mail >>> >>> I have reverted the SSL cert back to the old one just in case. >>> Thunderbird will works. >>> >>> >>> Dovecot 1:1.2.15-7 running on Debian 6 >>> >>> The messages in the logs are: >>> >>> Jan 9 10:11:37 logout dovecot: imap-login: Disconnected (no auth >>> attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected >>> Jan 9 10:11:38 logout dovecot: imap-login: Disconnected (no auth >>> attempts): rip=90.131.95.130, lip=88.119.95.13, TLS: Disconnected >>> >>> In dovecot.conf I have this set : >>> >>> disable_plaintext_auth = no >>> >>> And the auth default mechanisms are set to: >>> mechanisms = plain login >>> >>> What is strange is the only item that changed is the SSL cert, which has >>> since been changed back to the old one (which has expired... ^^). >>> >>> Any ideas where I may look or change? >>> >>> Regards, S >> if you only changed the crt etc, and youre sure you did everything right >> >> perhaps you have forgot adding a needed intermediate cert ? >> >> read here >> http://www.trustico.co.uk/install/how-to-install-ssl-certificate.php >> >> Required Intermediate Certificates (CA Certificates) >> >> To successfully install your SSL Certificate you may be required to >> install an Intermediate CA Certificate. Please review the above >> installation instructions carefully to determine if an Intermediate CA >> Certificate is required, how to obtain it and correctly import it into >> your system. For more information please Contact Us. >> Alternatively, and for systems not covered by the above installation >> instructions, please use our Intermediate Certificate Wizard to find the >> correct CA Certificate or Root Bundle that is required for your SSL >> Certificate to function correctly. Find Out More Information > I know that the intermediate certs are messed up, which is why I rolled > back to the old expired certificate. I did not expect an expired > certificate to block authentication, and it does not mean that it does > block. The problem may be elsewhere.that might be a k9 problem ( older versions ) or in android older versions, is there a ignore ssl failure option as workaround what does thunderbird tell you about the new cert ? but for sure the problem may elsewhere> > -- > PGP is optional: 4BA78604 > simon @ klunky . org > simon @ klunky . co.uk > I won't accept your confidentiality > agreement, and your Emails are kept. > ~???~ >-- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Apparently Analagous Threads
- 2.0beta4 doesn't respond to DONE after untagged FETCH during IDLE
- Connection closed (IDLE running for 0.001 + waiting input for
- xy plot key colors don't match plot
- Probably K9 not Outlook - Re: Outlook 2010 not connecting to secure POP3
- Probably K9 not Outlook - Re: Outlook 2010 not connecting to secure POP3