Bug#846082: cyrus-imapd: TLS connections fail with 2.5.10-2 (new config option?)
Ondřej Surý
ondrej at sury.org
Wed Dec 7 10:31:39 UTC 2016
Control: clone -1 -2
Control: retitle -2 Notify user about tls_ciphers change in imapd.conf
Control: severity -2 normal
Thanks for the testing - I am going to remove custom tls_ciphers from
the default imapd.conf.
It also probably needs a prompt or something to notify the user that he
needs to modify the tls_versions and tls_ciphers
Cheers,
--
Ondřej Surý <ondrej at sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware,
fast DNS(SEC) resolver
Vše pro chleba (https://vseprochleba.cz) – Mouky ze mlýna a potřeby pro
pečení chleba všeho druhu
On Sat, Dec 3, 2016, at 16:24, Thorsten Zachmann wrote:
> Hello,
>
> I see the same problem after upgrading cyrus.
>
> The option TLSv1.2:+TLSv1:+HIGH:!aNULL:@STRENGTH works but it is still
> not
> possible to connect with a TLSv1 only client like the BB10 Hup.
>
> I used the following configs
> tls_versions: tls1_2 tls1_0
> tls_ciphers: TLSv1.2:+TLSv1:+HIGH:!aNULL:@STRENGTH
>
> Dec 3 16:23:01 host cyrus/imaps[13160]: no shared cipher in SSL_accept()
> ->
> fail
> Dec 3 16:23:01 host cyrus/imaps[13160]: imaps TLS negotiation
> failed:host.
> [1.1.1.1]
>
> Thorsten
>
> _______________________________________________
> Pkg-Cyrus-imapd-Debian-devel mailing list
> Pkg-Cyrus-imapd-Debian-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel
More information about the Pkg-Cyrus-imapd-Debian-devel
mailing list