>On 08/15/2014 06:18 PM, Matus UHLAR - fantomas wrote: >> On 15.08.14 17:18, sergio wrote: >>> Hello all courier users! >>> I've successfully installed Courier 0.66.1 on Ubuntu 12.04. All is >>> working perfectly, but when I add free certificate from StartSSL and try >>> to use for imap and smtp I've got error >>> >>> courieresmtpd: courieresmtpd: STARTTLS failed: couriertls: connect: >>> error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher >> >> what are the TLS options from courier esmtpd and esmtps-ssl files?
On 15.08.14 22:18, sergio wrote: >TLS_PROTOCOL="SSL23" oh! Thy did you disable tls1? >TLS_CIPHER_LIST="SSLv3:TLSv1:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!aNULL@STRENGTH" why the !MEDIUM ? 'DEFAULT:!LOW:!EXPORT' should be OK, if you don't the MEDIUM, add it too... check with "openssl ciphers -v 'SSLv3:TLSv1:HIGH:\!LOW:\!MEDIUM:\!EXP:\!NULL:\!aNULL@STRENGTH'" -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. - Have you got anything without Spam in it? - Well, there's Spam egg sausage and Spam, that's not got much Spam in it. ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
