Johannes Rohr
2020-Aug-17 09:51 UTC
Apple Mail Since upgrade to dovecot 2.3.x unable to connect
|Dear all,| |a couple of days ago I upgraded our server from Ubuntu 18.04 to 20.04, thereby upgrading dovecot from 2.2.x to 2.3.x. | |Since then, some older versions of apple's mail.app (bundled with el Capitano, released in 2016) no longer connect. When I turn on SSL debugging, I see:| |Debug: SSL error: SSL_accept() failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol imap-login: Debug: SSL error: SSL_accept() syscall failed: Invalid argument| || |Unfortunately, it doesn't reveal the name of the unsupported protocol. Also, what about the failed syscall? Does dovecot try and fail to open some file?| |Here are the contents of /etc/dovecot/conf.d/10-ssl.conf:| |??? ssl = yes ??? ssl_cert = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/fullchain.pem ??? ssl_key = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/key.pem ??? ssl_ca = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/ca.pem ??? ssl_client_ca_dir = /etc/ssl/certs ??? ssl_dh = </etc/dovecot/dh.pem | |I would greatly appreciate any hints! | |Cheers,| |Johannes | | | ||
Aki Tuomi
2020-Aug-17 10:16 UTC
Apple Mail Since upgrade to dovecot 2.3.x unable to connect
> On 17/08/2020 12:51 Johannes Rohr <jorohr at gmail.com> wrote: > > > |Dear all,| > > |a couple of days ago I upgraded our server from Ubuntu 18.04 to 20.04, > thereby upgrading dovecot from 2.2.x to 2.3.x. > | > > |Since then, some older versions of apple's mail.app (bundled with el > Capitano, released in 2016) no longer connect. When I turn on SSL > debugging, I see:| > > |Debug: SSL error: SSL_accept() failed: error:14209102:SSL > routines:tls_early_post_process_client_hello:unsupported protocol > imap-login: Debug: SSL error: SSL_accept() syscall failed: Invalid argument| > > || > > |Unfortunately, it doesn't reveal the name of the unsupported protocol. > Also, what about the failed syscall? Does dovecot try and fail to open > some file?| > > |Here are the contents of /etc/dovecot/conf.d/10-ssl.conf:| > > |??? ssl = yes > ??? ssl_cert = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/fullchain.pem > ??? ssl_key = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/key.pem > ??? ssl_ca = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/ca.pem > ??? ssl_client_ca_dir = /etc/ssl/certs > ??? ssl_dh = </etc/dovecot/dh.pem > | > > |I would greatly appreciate any hints! > | > > |Cheers,| > > |Johannes > | > > | > | > > ||You need to set ssl_min_protocol = TLSv1.2 # or TLSv1 Aki
Johannes Rohr
2020-Aug-17 10:31 UTC
Apple Mail Since upgrade to dovecot 2.3.x unable to connect
Am 17.08.20 um 12:16 schrieb Aki Tuomi:> You need to set > > ssl_min_protocol = TLSv1.2 # or TLSv1Thanks, tried both, but unsuccessfully. Again, is there any debug setting that allows me to see what SSL version was requested? Without this, this is fumbling in the dark. Cheers, Johannes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: OpenPGP digital signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20200817/65f00568/attachment.sig>
Possibly Parallel Threads
- Apple Mail Since upgrade to dovecot 2.3.x unable to connect
- Apple Mail Since upgrade to dovecot 2.3.x unable to connect
- Unable to disable TLSv1.3 or fallback to TLSv1.2 when 1 cipher is disabled
- Unable to disable TLSv1.3 or fallback to TLSv1.2 when 1 cipher is disabled
- problem with client using TLS