Re: [Imap-uw] Hard coded port questions

Fri, 17 Jun 2005 09:44:04 -0700
Paul: That's an excellent suggestion. I will give it a try to see if it works. We're supporting just about every mail client under the sun (emacs & rmail included), but if it works, it works. 

[EMAIL PROTECTED] wrote:


Still another way to solve the problem is, do not use a second imap
daemon. Generate your server certificate with CN=<hostname of server> and
alternative names of
DNS:<hostname of server>,DNS:server1.test.net,DNS:server2.test.net
and all alias names that may be used by clients to connect to the server.
openssl x509 allows you to do that.
We found it essential to repeat CN in the alternative names list.
All modern mailtools accept a cerificate if CN or one of the alternative
names matches. One notable exception is pine (or better the c-client
library at the pine61 level). It only tests CN and complains if it does
not match or you have used the novalidate-cert switch. Maybe Mark could
extend the code to accept the alternative names.

Kind regards
Paul

On Thu, 16 Jun 2005, Mark Crispin wrote:


 


On Thu, 16 Jun 2005, Matt Linton wrote:

   


One imap daemon can only have one signed certificate (to my knowlege).
However, due to creative routing and things, the requests to
<server1.test.net> are coming FROM <server2.test.net> as well as from
server1.

     


Another way to solve the problem is to have a *.test.net certificate.
Wildcard certificates are not deployed lightly, but at times they have
their uses.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
_______________________________________________
Imap-uw mailing list
[email protected]
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw


   



========================================================================
Paul Tedaldi                     |
Informatikdienste                |    Email:  [EMAIL PROTECTED]
Universitaet Zuerich             |
Winterthurerstr. 190             |    Tel:    +41 (0)44 635 4523
CH-8057 Zuerich                  |    Fax:    +41 (0)44 635 4505
Switzerland                      |
========================================================================

 



_______________________________________________
Imap-uw mailing list
[email protected]
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw






















					Reply via email to