Hi, there, Paolo. Thanks for this fine feedback. :-) On Sat, 13 Dec 2003, Paolo Nesti Poggi wrote: >Based on my newbe experience with bincimap I would also suggest some changes >to bincimap homepage: >1) I would move: >"Binc IMAP currently has only support for Maildir (no mbox support)." >from being a "note" to a position just after the rest of the compatibility >description:
I agree that it should not be a note, but it is mentioned in the very first line at the top of the page: "Binc IMAP is a well designed, modular IMAP server for Maildir." I've added a paragraph under the first line to make this point clearer. >2) Unless you make a point that IMAPdir is THE recommended format (and >from reading the web I didn't get that impression) I would omit the >bullit point about "Find the IMAPdir specification". >(...) >information for my situation (I want to install bincimap) and that note >about a IMAPdir force me to try and understand if IMAPdir is really >Because of this I would put a reference and link to IMAPdir inside the >section "Binc IMAP's design is briefly explained here". That's also a good point. IMAPdir is mentioned in the rest of the documentation, and it's not necessarily front page material. >3) I understand the intention of having: >Here's a list of user contributions. > and >The Life With Binc IMAP Wiki is a good place to start if you're having >problems with Binc IMAP >on separate sections, however as things stand now (with the content of those >2 sections) it would be more useful from a user point of view >to have them united under "Life With Binc IMAP" adding an extra section of >links towards user contributions. Nice one. Added this too. Doesn't look great now; I'll fix it up later. >So this is my contribution as one new to the website and in general to >bincimap. >I thought I wanted to write this down now, when I'm still new to it. Thanks. The web pages need a face lift, and any input is appreciated. :-) >I found out that the problem was that the certificate had the password >inside and bincimap asked for it (the password) in an endless loop. This is also valuable information that we should add notes about in the SSL docs we have. I've written a guide to SSL as part of the 1.2.4 release which better explains how to use SSL with Binc (many inquiries from users are on this subject). >I wonder how you get it to work without removing the password from the key. ...By not creating a password in the first place. When openssl asks for it, hitting enter will create a key with no password. This is something that should of course also be mentioned in the docs. >About the "bad certificate" error in the log file: >Trying to connect with Netscape 7 or 4.7 makes no difference (well, although >the text might be slightly different). I get the log below: >@400000003fda4e0b0c83ba4c 3868 0 [EMAIL PROTECTED]:] Error initializing >Binc IMAP: SSL negotiation failed: Internal SSL error: >error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate >However I will test with other clients too and think that I can just fine >tune the way >the certificate is made (changing openssl.conf). >I don't expect it to be a major problem now that the server run as expected >(but I might be surprised :-) I can't say I know why the bad cert error is showing up, but if you create the private key and certificate like this, could you try and see if it helps? openssl req -newkey rsa:1024 -keyout binc.key -CA \ myCA.pem -nodes -x509 -days 365 -out binc.cert Then copy both the key and cert into one file, and have "pem file" point to that file. Assuming your CA certificate is called myCA.pem. >Thank you for that, lot of output! And, by the way, now I've found again >where something similar is recommended on the bincimap web site (under >FAQ, oh boy, could it have been easier to find?). Do you have a suggestion for a better place to put this information? Andy :-) -- Andreas Aardal Hanssen | http://www.andreas.hanssen.name/gpg Author of Binc IMAP | "It is better not to do something http://www.bincimap.org/ | than to do it poorly."
