We had the exact same problem with Eudora. It seems Eudora will allow you to import a SSL certificate, but ONLY after it has one. A catch-22 we never were quite able to figure out completely.
We ended up getting a signed cert, since the bulk of our college uses Eudora. We fought with this problem with a few days as well. --- Andrew Gray Systems Administrator University of Nevada, Las Vegas College of Engineering ----- Original Message ----- From: "Reinhold Kainhofer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 19, 2002 6:01 AM Subject: [courier-users] Eudora and courier IMAP server with SSL (self-signed certificate) > Hello, > at our department we have a Linux mail server (Debian potato, courier > IMAP daemon) with a self-signed certificate and allow only IMAP over > SSL, nothing else. All other email-clients work perfectly, only Eudora > does not seem work at all. > > > When retrieving the mail boxes (or doing any connection at all), the > users get the error box > The IMAP command has failed. > > Reason: IMAP connection to server \"ourmailserver.domain.tld\" > has been broken > > (and no further indication what went wrong). The tls setting is > "Required, alternate port" (thus using port 993), as it is supposed to > be according to the tutorials at Qualcomm's webpage. > > In the server log files, I found the following messages which indicate > that even the ssl handshake fails already, so I do not even get to the > part in the tutorials where one has the accept the certificates: > > > Apr 17 09:17:36 gauss stunnel: LOG5[23185:1024]: Using > '/usr/sbin/imaplogin' as tcpwrapper service name > Apr 17 09:17:36 gauss stunnel: LOG5[23185:1024]: stunnel 3.10 on > i586-pc-linux-gnu PTHREAD+LIBWRAP > Apr 17 09:17:36 gauss stunnel: LOG5[23185:1024]: /usr/sbin/imaplogin > connected from 193.171.246.44:1094 > Apr 17 09:17:36 gauss stunnel: Connection, ip=[193.171.246.44] > Apr 17 09:17:39 gauss stunnel: LOG3[23185:1024]: SSL_accept: > error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure > > And when connecting with e.g. Outlook it is: > > Apr 2 11:41:15 gauss stunnel: LOG5[6135:1024]: Using > '/usr/sbin/imaplogin' as tcpwrapper service name > Apr 2 11:41:15 gauss stunnel: LOG5[6135:1024]: stunnel 3.10 on > i586-pc-linux-gnu PTHREAD+LIBWRAP > Apr 2 11:41:15 gauss stunnel: LOG5[6135:1024]: /usr/sbin/imaplogin > connected from 193.171.246.44:1401 > Apr 2 11:41:15 gauss stunnel: Connection, ip=[193.171.246.44] > Apr 2 11:41:15 gauss stunnel: LOGIN, user=kainhofer, ip=[193.171.246.44] > > > So, it seems to me that Eudora cannot handle the SSL Handshake correctly > (or does not play together with our settings). > > > > Do you have any idea how to make this work (several professors still use > Windows with the latest paid version of Eudora)? Has anybody been able > to use Eudora with a self-signed certificate on a courier IMAP server? > > Thanks a lot, > Reinhold > > -- > ------------------------------------------------------------------ > DI Reinhold Kainhofer, Graz, Austria > email: [EMAIL PROTECTED], http://reinhold.kainhofer.com/ > * Mathematics Department, Technical University of Graz > * Theoretical Physics Department, University of Graz > ------------------------------------------------------------------ > > > > _______________________________________________ > courier-users mailing list > [EMAIL PROTECTED] > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
