hi,all
I found error infomation: /var/log/maillog:
==================
imapd-ssl: starttls: accept: error:140090c7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
imapd-ssl: starttls: accept: error:140090c7:SSL
routines:SSL3_GET_CLIENT_HELLO:unknown protocal
imapd-ssl: starttls: accept: error:140090c7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
imapd-ssl: starttls: accept: error:00000000:lib(0):func(0):reason(0)
=====================
'/usr/lib/courier-imap/etc/imapd-ssl' config:
SSLPORT=993
SSLADDRESS=0
IMAPDSSLSTART=YES
IMAPDSTARTTLS=YES
IMAP_TLS_REQUIRED=0
COURIERTLS=/usr/lib/courier-imap/bin/couriertls
TLS_PROTOCOL=SSLv3
TLS_STARTTLS_PROTOCOL=TLS1
TLS_CERTFILE=/usr/lib/courier-imap/share/imapd.pem
TLS_VERIFYPEER=REQUIREPEER
====================
I install courier-imap-1.4.2 on rh v7.2
I setup workstation is OE 6.0, using: imap-ssl (993)
I used openssl to create two file: my.mail.domain.com.key and
my.mail.domain.com.cert
cat my.mail.domain.com.key > /usr/lib/courier-imap/share/imapd.pem
cat my.mail.domain.com.cert > /usr/lib/courier-imap/share/imapd.pem
/usr/lib/courier-imap/share/imapd.pem 600 pvtuser.root
and
I saw file '/usr/lib/courier-imap/etc/imapd-ssl'
when TLS_VERIFYPEER=NONE or PEER, OE recived email (port 993 ) was ok,
but when TLS_VERIFYPEER=REQUIREPEER, OE didn't fetch email.
How to verify client certificates ?
thanks
f980215 [EMAIL PROTECTED]
------------------------------------------------------------
Get your FREE web-based e-mail and newsgroup access at:
http://MailAndNews.com
Create a new mailbox, or access your existing IMAP4 or
POP3 mailbox from anywhere with just a web browser.
------------------------------------------------------------
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
