Hello! On Thu, Jul 20, 2017 at 09:17:02AM +0000, tom via nginx wrote:
> Hello list, > I configured sucessfully the mail_proxy for nginx 1.10.2 von RHEL7, but > authentication only succeeds if upstream server which is provided by the > auth_http Server is cleartext, e.g. if the auth-server responds > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-Status: > OK" > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-Server: > 192.168.0.200" > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-Port: > 143" > then everything works fine, but having > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-Status: > OK" > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-Server: > 192.168.0.200" > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-Port: > 993" > 2017/07/20 11:02:47 [debug] 9535#0: *49 mail auth http header: "Auth-SSL: on" > > I get > 2017/07/20 11:03:47 [info] 9535#0: *49 upstream timed out (110: Connection > timed out) while connecting to upstream, client: 192.168.0.200, server: > 0.0.0.0:10993, login: "u...@domain.com", upstream: 192.168.0.200:993 > When I directly do a > > openssl s_client -connect 192.168.0.200:993 -crlf > I am able to login with > . login u...@domain.com password > > Any help is appreciated. The "Auth-SSL" header is meaningful in auth_http requests, and means that client used SSL. It doesn't mean anything in auth_http responses. Moreover, connecting to SSL mail backends is not supported. If you really need it, consider connecting to a tunnel wich will do SSL for you - for example, the stream module can be configured to do this. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
