-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
sogo is installed under debian 7. I put the intermediate cert to /etc/ssl/certs and checked that also the toplevel CA cert is included in /etc/ssl/certs/. And did a "c_rehash". But it didn't help. It looks like debuging SSL in sogo is nearly imposibble. No usefull messages in the logfiles - I had the same bad experiance with openldap. Anyway for now I use stunnel4 to pass it over the net. Thx+Regards, Rasca Am 23.07.2014 12:36, schrieb Daniel Berteaud: > > Le 23/07/2014 11:45, Rasca Gmelch a écrit : Hi, > > yes, when I connect with telnet I see: > > [..] "SASL" "PLAIN" "STARTTLS" [..] > > If I type STARTTLS in this telnet session I see: > > [..] OK "Begin TLS negotiation now" [..] > > So it looks like in gerneral the STARTTLS is aktivated. > >> The sogo daemon also needs to be able to validate the certificate >> of the sieve server. If you're not using a valid cert from a >> "trusted" CA (eg, you use your own private PKI or a self-signed >> certificate), you need to add your CA in the global trusted store >> of the sogo daemon. This is different for every distribution, but >> on RHEL and CentOS at least, it's a matter of: > >> - install openssl-perl - write the CA in PEM format in >> /etc/pki/tls/certs/my-custom-ca.pem (this path will be different >> on other distributions) - create the hash symlinks with c_rehash >> /etc/pki/tls/certs/ > >> Cheers, Daniel > > Regards, Rasca > > Am 23.07.2014 11:25, schrieb Christian Mack: >>>> Hello Rasca Gmelch >>>> >>>> >>>> Am 2014-07-21 15:03, schrieb Rasca Gmelch: < ... > >>>>> Now we run sogo 2.2.6 and it still does not work. I played >>>>> a little bit with the config file and figured out that it >>>>> works when I remove the tls=YES in the sieve connection >>>>> URL. But I've to use TLS because the sieve server is on >>>>> another machine. >>>>> >>>> As it works without TLS, did you enable TLS on your sieve >>>> server? >>>> >>>> >>>> Kind regards, Christian Mack >>>> > > - -- Rasca Gmelch | IT | JabberID: [email protected] OpenPGP Key ID: 8168E925, Key server: pool.sks-keyservers.net Fingerprint 1FD0 3199 13B7 7ADC 5DF1 A8EF FA4C 4AC0 8168 E925 ART+COM AG | Kleiststr. 23-26 | 10787 Berlin | Germany Fon: +49.30.21001-466 | Fax: +49.30.21001-555 http://www.artcom.de/ HRB 68308 | Amtsgericht Charlottenburg Vorstand: Andreas Wiek, Prof. Joachim Sauter Aufsichtsratsvorsitzender: Volker Tietgens USt-IdNr.: DE811998328 -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJTz6y1AAoJEPpMSsCBaOklfA0P/0a3LhRfXUx0zbwcu4wzg0Le KNKbxIZMH3lKz8Wtvsi+AMGU5fncHRE+M2zY3PTq4F6au1IcsYEdsD7I2tRFEqtS F60Cb9DEM6oeKdISRJ7dL6MiMQxjotvO5UmVU0nfpJ1Q1q2ffDjoJ5+Ni6rbxtID L7OAuWvewMgruTf67zR+kgZfwTG1O+oQvlba+XOtHK6m73eCno+Tfug3NTSg+WSl O/ppXtFIMyXwFzVlSbdRXbh7eJQm57M12R4yTgmFlk4Mi+y3JqEcQAvFuU+I+NfY FSElMdFGeW6UcE+B+LnzLgwWYk1xMM2Ef2m4hWq+QIkyXJ5UADVSNHWEPCBRn9Hh +zCgYi8Z4JYGrhEqiTgMKuBbjjkAMBizElBrgf0hbyBNSm160hCMXQppCMl0SoDt m1JUDZS2wW0vx8xmz/B4HKs1T7LypfHzU7lCKKuxZdJO8g0ppNqn34PxMd4iSyBw cwClOAgs6RcdNIyuh/oG8mha4hbl+eUiBa7xcHRPPsxnBBpWiH5LhV1EGRGhfvbe IXGW95HEfsDlI1qwBMxBGXC60kIoalhXxyWQ/6lLAygucTykPSfqIJDxFqv5XTPO OUTqJdbkGmtAsNp9U4CCeeAw3CrWKedfMI1ht/4jhbQQUbqfBtFm7bW29L/sO+jK +onfoCS44cATmDXod/oz =hcAN -----END PGP SIGNATURE----- -- [email protected] https://inverse.ca/sogo/lists
