similar to: Error: SSL_accept() syscall failed

Am 11.10.2019 um 13:22 schrieb C. James Ervin via dovecot: > In setting up my new mail server, I am getting the following in the logs: > > Oct 11 07:10:59 kumo dovecot[5704]: imap-login: Disconnected (no auth > attempts in 0 secs): user=<>, rip=24.53.79.10, lip=172.26.12.90, *TLS > handshaking: SSL_accept() syscall failed: Success*, > session=<B9OokqCUD+UYNU8K>

I know this is something which should have a simple fix but I'm failing to see it somehow. I'm moving samba service between a couple of FreeBSD systems (9.3 to 10.2), and I'm stuck on getting samba on the new machine to connect to our openldap server over ssl - frustrating since I've been running samba+ldap for 15 years or so; feel sure I'm missing something basic!

Hello, I have 2 Dovecot 2.3.8 servers running SSL with valid wildcard certificates. Email clients connect fine, https://www.immuniweb.com/ssl/ tests show certificates are ok. However I can't make replication work when I add ssl = yes. Without ssl it works ok. I added verbose_ssl in config and error log shows: dovecot: doveadm(149.x.x.x): Error: SSL handshake failed: SSL_accept()

On macOS 10.15.5 and R-devel: > download.file("https://www.r-project.org", tempfile()) trying URL 'https://www.r-project.org' Error in download.file("https://www.r-project.org", tempfile()) : cannot open URL 'https://www.r-project.org' In addition: Warning message: In download.file("https://www.r-project.org", tempfile()) : URL

I have several samba servers on Debian 10 all using : samba 2:4.9.5+dfsg-5+deb10u1 amd64 I use tls cafile, tls certfile and tls keyfile with certificates from Sectigo (https://cert-manager.com) And when checking my connexion from the samba server, or from outside, I've got "unable to verify the first certificate" even if tls_cafile is provided in smb.conf. What is wrong

On Sat, May 30, 2020 at 11:40 PM Duncan Murdoch <murdoch.duncan at gmail.com> wrote: > > On 30/05/2020 5:23 p.m., Bob Rudis wrote: > > I've updated the dashboard (https://rud.is/r-project-cert-status/) > > script and my notifier script to account for the entire chain in each > > cert. > > You never posted which certificate has expired. Your dashboard shows

I've updated the dashboard (https://rud.is/r-project-cert-status/) script and my notifier script to account for the entire chain in each cert. On Sat, May 30, 2020 at 5:16 PM Bob Rudis <bob at rud.is> wrote: > > # A tibble: 13 x 1 > site > <chr> > 1 beta.r-project.org > 2 bugs.r-project.org > 3 cran-archive.r-project.org > 4 cran.r-project.org

It's the top of chain CA cert, so browsers are being lazy and helpful to humans by (incorrectly, albeit) relying on the existing trust relationship. libcurl (et al) is not nearly as forgiving. On Sat, May 30, 2020 at 5:01 PM peter dalgaard <pdalgd at gmail.com> wrote: > > Odd. Safari has no problem and says certificate expires August 16 2020, but I also see the download.file

Hi all, when hardening dovecot against the POODLE vulnerability, we followed the advise to disable SSL2 and SSL3 but this is giving problems with some email clients (claws-mail). ssl_protocols = !SSLv2 !SSLv3 results in the following error: dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL

Hi All, Does anyone know how to disable the Director service. In our current running Dovecot 2.2.4, if the director configuration is commented out and Dovecot has no errors nor warnings. But the version 2.2.12 I'm testing with gives out fatal errors. We have dedicated Dovecot Director servers that serve the public frontend and separate dedicated imap/pop3 servers on the backend

On 12/2/2014 1:32 AM, Reindl Harald wrote: > > Am 02.12.2014 um 06:44 schrieb Will Yardley: >> On Mon, Dec 01, 2014 at 09:27:48PM -0800, Darren Pilgrim wrote: >>> On 12/1/2014 4:43 PM, Will Yardley wrote: >>>> Can you use both ssl_protocols *and* ssl_cipher_list in the same config >>>> (in a way that's sane)? >>> >>>> Is there a

Hi, currently we deploying Dovecot as imap/pop3 proxy. Every few minutes some panic/assert occurred (we connect roughly 7k - 8k user at one imap proxy with a connection rate of 200/s). We activate core dumps. Concerning the sensitive information in the dump we would prefer to not share the dump (e.g. i found our ssl private key in the dump). Log/Stack trace: Mar 30 15:54:06 imap16 dovecot:

Hi thanks for your help! Trying to set your same parameters, when restarting dovecot, gives the error: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 136: Unknown setting: ssl_prefer_server_ciphers doveconf: Error: managesieve-login: dump-capability process returned 89 doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 136: Unknown setting:

Hi Folks, after adding TLSv1.2 to by TLS options a lot of Outlook users complaint about connection errors, openssl s_client and Thunderbird works fine. I found some posts about this but none of them had a real solution on this - I meanwhile disabled TLSv1.2 which made the Outlook users happy. I run dovecot 2.2.13, OpenSSL 1.0.1j 15 Oct 2014 ssl_cert = </var/qmail/control/servercert.pem

On 04.03.2015 18:19, Emmanuel Dreyfus wrote: > On Wed, Mar 04, 2015 at 06:13:31PM +0200, Adrian Minta wrote: >> Hello, >> about the CVE-2015-0204, in apache the following config seems to disable >> this vulnerability: >> SSLProtocol All -SSLv2 -SSLv3 >> SSLCipherSuite >> HIGH:MEDIUM:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4 >> >> Is

Dear libvirt team, we a currently in a pci-dss certification process and our security scanner found weak ciphers in the vlc_tls service on our centos6 box: When I scan using sslscan I can see that sslv3 and rc4 is accepted: inf0rmix@tardis:~$ sslscan myhost:16514 | grep Accepted Accepted SSLv3 256 bits DHE-RSA-AES256-SHA Accepted SSLv3 256 bits AES256-SHA Accepted SSLv3 128

Hello, I stumbled across a 5-year-old post on the dovecot list about changing the dovecot hierarchy separator to enable shared mailboxes (http://www.dovecot.org/list/dovecot/2011-January/056201.html <http://www.dovecot.org/list/dovecot/2011-January/056201.html>). At the moment I?m stuck in a pretty similar situation. Migrated from courier to dovecot 2 years ago and preserved the

I installed 2.5.1p2 on an irix system and noticed that if a user logged in typed "logname" it was providing the wrong username. File creations were correct, "w" produces the correct output....so something is funky in p2 that wasn't there in p1.

Hi, I tried to migrate my dovecot 2.2 to a new server with a other storage configuration and dovecot 2.3. New (and old) Server uses mysql for user information I use the following storage settings mail_home = /storage1/vmail/%{userdb:path} mail_location =

Hello, the RPM ca-certificates-2018.2.22-65.1.el6.noarch has a big problem ... many certificates were removed - my proxy uses this as source and isn't able to validate correct any more - most sites show this: /[No Error] (TLS code: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) /Self-signed SSL Certificate in chain: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root