pop with starttls works when I force the use of TLSv1. $ openssl s_client -connect mailtest:110 -starttls pop3 -tls1
I guess the client I was testing is broken. But my original openssl command worked for starttls against a non-UWash pop3 server. On Mon, Jul 26, 2004 at 03:27:44AM -0400, Matt Selsky wrote: > I built imap-2004a on Solaris 9 (OpenSSL 0.9.7d) like so: > > $ make gso PASSWDTYPE=pmb SSLTYPE=nopwd SSLDIR=/opt/local \ > SSLCERTS=/var/ssl EXTRALDFLAGS='-R/opt/local/lib' > > I'm able to connect securely via port 995 (pop3s), but I can't connect > via 110 using starttls. > > $ openssl s_client -connect mailtest:110 -starttls pop3 > CONNECTED(00000004) > 16910:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226: > > When I connect via netcat, and issue the capabilities command, I see > starttls listed, but I get an immediate OK response when I issue the > STLS command: > > $ nc mailtest 110 > +OK POP3 mailtest 2004.88 server ready > CAPA > +OK Capability list follows: > TOP > LOGIN-DELAY 180 > UIDL > STLS > . > STLS > +OK STLS completed > > IMAP is working for both starttls and ssl. How can I debug this > further? > > Thanks. > -- > ------------------------------------------------------------------ > For information about this mailing list, and its archives, see: > http://www.washington.edu/imap/c-client-list.html > ------------------------------------------------------------------
