Hi Nick. I know you from COS but different handle.
Welcome and I hope you enjoy K9.
Perhaps this can help as I've been using this setup with COS52 for
some time.
It was a bit of a pain to figure out what would get it to work. I
think I gave up on STARTTLS as I've defaulted to SSL/TLS. I've
forced that TLS is only used on the COS box without any downgrading.
on the Incoming try port 993 with SSL/TLS; normal pswd
on the Outgoing try port 465 with SSL/TLS; normal pswd
Cheers!
B.
On 5.04.2015 12:29 , Nick Howitt wrote:
Hi,
I am trying to get K-9 to use certificates/STARTTLS to
communicate with and relay through my postfix mail server. I
have a self-signed ca-cert and have generated user certificates
and keys from this. I have imported the ca-cert into Android and
the p12 user certificate into K-9.
Using STARTTLS/port 587, every time I switch from user/pass
authentication to certificates I get a message from
K-9:[code]Cannot connect to server. (Unable to authenticate. The
server does not advertise the SASL EXTERNAL capability. This
could be a problem with the client certificate (expired, unknown
certificate authority) or some other configuration
problem.)[/code]I have tried using a user certificate and the
system certificate but nothing I do changes the reply.
If I try telnetting into port 587 I get:[code][root@server ~]#
telnet 127.0.0.1 587
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 mailserver.howitts.co.uk ESMTP Postfix
ehlo howitts.co.uk
250-mailserver.howitts.co.uk
250-PIPELINING
250-SIZE 51200000
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN[/code]So STARTTLS is advertised. In postfix the message
I get is:[code]Apr 5 16:33:27 server postfix/smtpd[9162]:
connect from motog.howitts.co.uk[172.17.2.113]
Apr 5 16:33:27 server postfix/smtpd[9162]: setting up TLS
connection from motog.howitts.co.uk[172.17.2.113]
Apr 5 16:33:27 server postfix/smtpd[9162]:
motog.howitts.co.uk[172.17.2.113]: Trusted:
subject_CN=ourfamily, issuer=ca.server.howitts.lan,
fingerprint=13:45:A2:B4:94:B0:18:4A:E3:46:C0:29:29:BE:1E:27
Apr 5 16:33:27 server postfix/smtpd[9162]: Trusted TLS
connection established from motog.howitts.co.uk[172.17.2.113]:
TLSv1.2 with cipher DHE-RSA-AES256-SHA (256/256 bits)[/code]So
the connection seems to be OK at the postfix end.
I do sometimes get host-name mismatch warnings which I accept
but then I end up with the same error.
Have you any idea what I am doing wrong?
TIA,
Nick
--
--
You received this message because you are subscribed to the K-9
Mail Users List.
To post to this group, send email to [email protected]
To unsubscribe, email [email protected]
To report an issue with K-9 Mail, visit http://code.google.com/p/k9mail/issues/list
For more options, visit this group at http://groups.google.com/group/k-9-mail
---
You received this message because you are subscribed to the Google
Groups "K-9 Mail" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.
--
--
You received this message because you are subscribed to the K-9 Mail Users List.
To post to this group, send email to [email protected]
To unsubscribe, email [email protected]
To report an issue with K-9 Mail, visit http://code.google.com/p/k9mail/issues/list
For more options, visit this group at http://groups.google.com/group/k-9-mail
---
You received this message because you are subscribed to the Google Groups "K-9 Mail" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.
|
