Hello, I try to setup a IMAP proxy for my old Exchange server. Running Dovecot v2.x on Centos 7. So far I follow http://wiki2.dovecot.org/HowTo/ImapcProxy and it seem to work. The only but major thing is with this setup - the communication between proxy and backend is not encrypted. :( To fix this, I changed the config and add: imapc_ssl=imaps imapc_port=993 but it doesnt work, because of verify failure of the self signed backend certificate: Jan 5 21:48:55 imap dovecot: imap(user1): Error: imapc(192.168.1.1:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings) Jan 5 21:48:55 imap dovecot: imap(user1): Error: imapc(192.168.1.1:993): No SSL context Jan 5 21:48:55 imap dovecot: imap(user1): Error: imapc: Command failed: Disconnected from server Jan 5 21:48:55 imap dovecot: imap(user1): Error: user tkoenig: Initialization failed: Initializing mail storage from mail_location setting failed: Mailbox list driver imapc: Failed to access imapc backend Jan 5 21:48:55 imap dovecot: imap(user1): Error: Invalid user settings. Refer to server log for more information. I didnt found anything in the documentation which tells dovcot not verify the backend certificate. Is there a know way to get it runing? Many thanks for any hint! regrds, Tom
Sami Ketola
2017-Jan-06 17:04 UTC
IMAP proxy for Exchange - encrypted backend Communication?
> On 5 Jan 2017, at 22.56, tom <posturne at gmail.com> wrote: > > Hello, > > I try to setup a IMAP proxy for my old Exchange server. > Running Dovecot v2.x on Centos 7. > > So far I follow http://wiki2.dovecot.org/HowTo/ImapcProxy and it seem > to work. The only but major thing is with this setup - the > communication between proxy and backend is not encrypted. :( > > To fix this, I changed the config and add: > imapc_ssl=imaps > imapc_port=993 > > but it doesnt work, because of verify failure of the self signed > backend certificate:you need to set: imapc_ssl_verify = no Regards, Sami
Thomas Koenig
2017-Jan-06 17:45 UTC
IMAP proxy for Exchange - encrypted backend Communication?
thx, I'll try it. Currently I use stunnel as a quick and dirty work around. Tom Am 6. Januar 2017 18:04:57 MEZ schrieb Sami Ketola <sami.ketola at dovecot.fi>:> >> On 5 Jan 2017, at 22.56, tom <posturne at gmail.com> wrote: >> >> Hello, >> >> I try to setup a IMAP proxy for my old Exchange server. >> Running Dovecot v2.x on Centos 7. >> >> So far I follow http://wiki2.dovecot.org/HowTo/ImapcProxy and it seem >> to work. The only but major thing is with this setup - the >> communication between proxy and backend is not encrypted. :( >> >> To fix this, I changed the config and add: >> imapc_ssl=imaps >> imapc_port=993 >> >> but it doesnt work, because of verify failure of the self signed >> backend certificate: > >you need to set: > >imapc_ssl_verify = no > >Regards, >Sami