Hi Ian, the mailing list sometimes defers some mail, so people responded individually.
TLS 1.0 is somewhat "SSLv4", and was mainly renamed. SSLv2 is broken since a long time, and SSLv3 should also be disabled (at the latest since POODLE). If your server offers TLS1.0-1.2, pretty much every client should work. A+ at SSLlabs at least tells that you're limiting to _secure_ cipihers, which should be supported by a sufficiently new Thunderbird version (which you do). I guess you will not receive further, more deep feedback without revealing the URI to the server, without everybody is limited to wild guessing. Dumping the (relevant parts defining the algorithms to use) of the server configuration would be another option, but getting hands on the problem is always easier. Regards, Jens On 10.12.2014 00:36, Ian Smithers wrote: > Hello all, thanks for the replies. Seems each reply came in separately, > so whilst I am responding to this one, I did read them all. :) I had a > look at the Qualys SSL Labs Test and analyzed my server. The report > results was A+, and the only thing which I found confusing was that it > said under Configuration -> Protocols it lists TLS 1.0, 1.1 and 1.2 as > 'Yes' and SSL2 and SSL3 as 'No'. Reason this confuses me is that my > Android phone is set up to sync with this server too, and has the option > 'Use SSL' ticked, and it works perfectly fine. Are TLS and SSL actually > different? From some search it seems some places refer to them as the > same thing, whilst others treat them differently. > > I'm wondering if that is why my Thunderbird + Sogo Connector is unable > to find a cypher to use. To answer questions from other respondees this > is indeed the latest Thunderbird (31.3.0) and the server is also brand > new, and only set up just recently and doesn't have any old or decaying > configuration options that might result in outdated cyphers. I haven't > checked the timestamps however my expectation is that they are the same > on server and client. > > Thanks! > > On 2014-12-09 23:58, RalfK wrote: >> spontaneously: Check date and time settings on client and server. They >> should not be different from each other... >> >> This is due to that timestamps are taking a role in validating ciphers... >> >> Just a thought. >> >> Reg. >> >> Ralf >> >> >> Am 09.12.2014 um 05:16 schrieb Ian Smithers: >>> Hi all, >>> >>> I am using Thunderbird and the Sogo Connector to sync contacts with my >>> Carddav server. However in the Thunderbird error console, whenever I try >>> to sync, I get an error: sogo ssl_error_no_cypher_overlap and the sync >>> fails. I've done some searching online and am not sure if this is an >>> issue with Thunderbird or with the Sogo Connector which sits in between. >>> I haven't tested it via unsecured HTTP yet, but obviously I would prefer >>> to use HTTPS if that is an option. Has anyone else had this issue, or >>> can suggest some things to try? >>> >>> Thanks! -- Jens Erat [phone]: tel:+49-151-56961126 [mail]: mailto:[email protected] [jabber]: xmpp:[email protected] [web]: http://www.jenserat.de OpenPGP: 0D69 E11F 12BD BA07 7B37 26AB 4E1F 799A A4FF 2279
smime.p7s
Description: S/MIME Cryptographic Signature
