I changed my Debian/Jessie to testing and it is working again: openssl s_client -starttls imap -connect mail.txbweb.de:143
I can use STARTTLS again in Thunderbird for IMAP. I didnt make a full dist-upgrade, I just modified the name jessie in /etc/apt/sources.list and entered apt-get update && apt-get upgrade. So I got only half of the new packages. And most of the mail concerning packages have been kept back. LOL? root@txbweb ~ # apt-get upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages have been kept back: apache2 apache2-bin apache2-data apache2-utils apt apt-utils aptitude aptitude-common bind9-host btrfs-tools build-essential clamav clamav-base clamav-daemon clamav-freshclam clamdscan courier-authdaemon courier-authlib courier-authlib-mysql courier-authlib-userdb courier-base courier-imap courier-imap-ssl courier-ssl cpp cpp-4.9 curl dbus debugedit dmeventd dmsetup dnsutils It s still courier version 4.15-1.6 May be the installation of the other packages fixed a broken system? I will never know. It s only a virtual server and the hoster resets the servers irregularly for maintenance, and maybe it s not good for a mailsystem. Am 2016-07-31 19:18, schrieb Sam Varshavchik: > tba...@txbweb.de writes: > >> For testing I ve set the two variable TLS_CERTFILE and TLS_DHPARAMS to >> non existing files (last char deleted), but I dont get any error >> messages when restarting imap-ssl. >> >> TLS_CERTFILE=/etc/courier/imapd_startcom_20160719.cr >> TLS_DHPARAMS=/etc/courier/dhparams.pe >> >> >> And when I set the variable smtpd_tls_cert_file in main.cf of Postfix >> to >> a non existing cert file (last char deleted), >> >> smtpd_tls_cert_file = /etc/ssl/certs/mail.txbweb.de.20160719.cr >> >> This means that courier doesnt read my certificate even when it is set >> correctly? Is > > courier doesn't read the certificate until an actual SSL connection > gets established. > >> "cat /etc/ssl/private/mail.txbweb.de.key >> /etc/ssl/certs/mail.txbweb.de.20160719.crt >> /etc/ssl/certs/startcom.sca.server2.crt > >> /etc/courier/imapd_startcom_20160719.crt" >> >> still the correct method to create the cert file for courier-imap-ssl? > > Looks ok to me. I can never remember whether the intermediate cert > must come first, or last. If this worked before, then it should work > now. > > > ------------------------------------------------------------------------------ > > _______________________________________________ > Courier-imap mailing list > Courier-imap@lists.sourceforge.net > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap ------------------------------------------------------------------------------ _______________________________________________ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
