similar to: Something wrong in SSL ?

checking IMAP connection. Based on that experimentation, it seems that when I try to verify certificate files with openssl, all checks out, but when I try to check thing through IMAPS, things go ugly (see log below). If I try same openssl s_client command on my web server, it gets everything correctly. As result from this one, I've even tried to use certificate from my web server with IMAP

checking IMAP connection. Based on that experimentation, it seems that when I try to verify certificate files with openssl, all checks out, but when I try to check thing through IMAPS, things go ugly (see log below). If I try same openssl s_client command on my web server, it gets everything correctly. As result from this one, I've even tried to use certificate from my web server with IMAP

I have 20+ freebsd 10 samba 4 servers joined to our local microsoft active directory. At the moment things work well enough. However the windows administrator wants to tighten his AD security by requiring tls encrypted ldap. When I add: ldap ssl = start_tls ldap ssl ads = yes cldap port = 389 the net ads commands fail: net ads testjoin Failed to issue the StartTLS instruction: Connect error

Hi all, I attempted to add an EL5.1 client to our puppet server (EL5), and after signing the client cert, got the error "Certificates were not trusted: hostname not match with the server certificate" I found the mailing list discussion and the relevant page: http://www.reductivelabs.com/trac/puppet/wiki/RubySSL-2007-006 As far as I can tell, my puppermaster''s cert CN matches

Hi! I'm trying to get information about a server certificate from a pigeonhole sieve server. Various connection attempts show only "wrong version number" or "unknown protocol" errors from openssl: $ openssl s_client -connect example.com:4190 { -tls1, -tls1_1, -tls1_2 } [ -starttls { imap, pop3 } ] None of these work. I'm trying to see who signed the server cert. How

Sure did! I am even playing with different options (including NONE) and it seems to ignore the contents of ssl.conf I have tried Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA: Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA Environment=G_TLS_GNUTLS_PRIORITY=PFS

I have been trying to get set of libvirtd system up and running. My PKI infrastructure involves a root CA and several intermediate CAs. I am trying to get the machines to trust each other across the different intermediate CAs. This is what I have so far: Libvirtd is starting and listening on tls port 16514 I have configured client/server certs/keys and it seems to be using all of these

Hi all, Am trying to find a way to disable SSLv3 protocol in smb.conf on Samba4. I am using the following: tls enabled = yes tls keyfile = tls/myKey.pem tls certfile = tls/myCert.pem tls cafile = With a self-signed cert. But when I remote connect from another host using: openssl s_client -showcerts -connect samba4-dc:636 -ssl3 I get a successful

Hi, Does Samba-AD support TLS 1.2 for LDAPS? If yes, can some one give more details on its configuration? Regards, Ananth

Hi, I am running dovecot 2.2.22-1ubuntu2.4 on a ubuntu 16.04 server. It has a valid Letsencrypt certificate but the problem also happens with a self-digned one. Only openssl s_client -connect localhost:993 works fine and fast, while all MUA's and telnet does not. Telnet timeouts waiting for banner after a minute or so: root at netuno:~# openssl s_client -connect localhost:993

Hi All, I just tried to test my web server with telnet. The only problem was that my web server refuses non-encrypted connections (duh!). I know that SSL and SSH are *entirely* different, but ssh is the only commonly-available encryption-enabled command-line tool around. It would be greate to have an SSL-emulation mode in OpenSSH.... Just wishful thinking, Ciaran --

s_client: Option unknown option -trace *** x509: Unknown parameter text On 5/25/20 11:49 AM, Aki Tuomi wrote: > Hi! > > Can you do > > openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem > > and check these things: > > your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see

Hello, I'm using dovecot v2.0.21. According to http://wiki2.dovecot.org/SSL/DovecotConfiguration,dovecot 2.x supports different SSL certificate for different virtual hosts by using "local_name" directive, but I can't get it to work. When testing the certificate using "openssl s_client -connect domain.com:pop3s" I get the default certificate instead of

Hi, I'm trying to convert my LDAP server into a LDAPS server to secure the users logins, but I don't know what's the procedure to do it. Someone knows any guide to do it? For now: - I've created a CA cert on the server - I've created the cert and key for the domain pdc - I've signed that cert with CA cert. - I've followed the post in samba wiki about

Hello, I tryed to eneble TLS connection from postfix to dovecot lmtp. Unfortunely I have problem with certificate, postfix shows, 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) I checked certs by openssl s_client: #openssl s_client -connect

On Wed, Jan 6, 2016 at 12:56 PM, Graham Allan <allan at physics.umn.edu> wrote: > On 01/06/2016 01:34 PM, Lee Brown wrote: > >> On Wed, Jan 6, 2016 at 10:36 AM, Graham Allan <allan at physics.umn.edu >> <mailto:allan at physics.umn.edu>> wrote: >> >> On 01/06/2016 09:53 AM, Graham Allan wrote: >> >> >> The packet dump

Greetings, I have had to reinstall my email server on another Linux (centos 7.6) VPS, with a newer version of dovecot, other software and a brand new letsencrypt certificate just for email withpostfix and dovecot (that certificate works fine with postfix). Output of dovecot --version and dovecot -n on the new server is below. Now, messages ARE delivered in the right IMAP mailboxes, but when I try

I'm really racking my brain trying to figure this one out here. I am running a pop3 server for remote offices on CentOS 5.2. We purchased a SSL cert from Verisign and installed it on our dovecot server, but I continue to get failure problems with the cert and I don't know where to go from here. here is some info about our config: dovecot version: # dovecot --version 1.0.7 hostname:

Hello, I have a small problem with dovecot 1.0RC2. This didn't happen with former versions. There are imap processes that are left open a long while after the client disconnected. I am running dovecot on OpenBSD 3.8. Below is the output of a process list. As you can see, there are many imap processes for the same login running. simon 11593 0.0 0.1 924 1140 ?? I 12:21PM

Has anyone tried to compile R on the Nokia maemo platform? I've been thinking about buying the n900 phone when it comes out, but I guess the main selling point would be a possibility to run R on it. I've read some rumors that it is based on debian, and that it can run X11 apps. In theory, you wouldn't even need to write any GUI. You should be able to run R in command line mode, with