Re: Imap-uw and openssl certificate
Dick Hoogendijk wrote: On 19 Oct Frank Staals wrote: Don't be so certain about that. fstaals.net *is* a valid hostname, and its IP-address can easily be found via DNS, and it can be connected to. The MX-configuration of my domain is pointing to fstaals.net , to add an subdomain for my small mailserver seemed a bit exagerated, so that isn't the problem. I can add a subdomain, but I don't see why that should help since the certificate clearly says 'localhost'. I ran this imap server for a short time but never had problems making and using a ssl cert. My server's called nagual.st. Are you sure the server indentifies as localhost even if contacted from the *outside* ? It does of course when you contact it from the local nic. As suggested using another imap server is also my idea. I don't use dovecot, but the whole courier mail package. It works like a charm. And is very fast. It does use maildirs though, unlike imap-uw. I have a successful integration with imap-uw and openssl uw is picky about the certificate use the following mkdir /etc/ssl/certs cd /etc/ssl/certs openssl req -new -x509 -nodes \ -out imapd.pem -keyout imapd.pem -days 3650 vi /etc/inetd.conf add the following line imaps stream tcp nowait root /usr/local/libexec/imapd imapd *note it cannot be imap it must be imaps go to uw source directory cd imapd-2004d make bsf cp imapd/imapd /usr/local/libexec/imapd hope this helps -- Sean Murphy Senior Network Technician California Institute of the Arts ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Imap-uw and openssl certificate
Hi, I'm running an mailserver accessable with imap, to do so I followed this guide: http://www.puresimplicity.net/~hemi/freebsd/sendmail.html . When I run 'make cert' in mail/imap-uw and I fill in the 'wizzard' it asks for a Common Name in which I enter the name of the server ( fstaals.net ) the 'wizzard' also adds by default 'localhost' as CN: Common Name (FQDN of your server) []: fstaals.net Common Name (default) []: localhost When I try to connect with my mail-client ( thunderbird ) it states that the mail-certificate doesn't match with the server I'm trying to access. When looking at the certificate in thunderbird it says certificate for localhost instead of certificate for fstaals.net. I don't realy know how to change this, so I'm kind of stuck. I hope someone can help me ? Thanks in advance -- -Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Imap-uw and openssl certificate
Common Name (FQDN of your server) []: fstaals.net
The first answer that come to my mind is that your IMAP{ server is
certainly NOT called fstaals.net, but it should rather be
imap.fstaals.net or mail.fstaals.net or something.
You must put the exact name of your server, as it is known by DNS and
reverse DNS.
Olivier
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Imap-uw and openssl certificate
On Wed, Oct 19, 2005 at 03:49:15PM +0700, Olivier Nicole wrote:
Common Name (FQDN of your server) []: fstaals.net
The first answer that come to my mind is that your IMAP{ server is
certainly NOT called fstaals.net, but it should rather be
imap.fstaals.net or mail.fstaals.net or something.
Don't be so certain about that. fstaals.net *is* a valid hostname,
and its IP-address can easily be found via DNS, and it can be connected to.
It is often considered bad practice to have hostnames of that kind, but it
is quite possible to do it.
You must put the exact name of your server, as it is known by DNS and
reverse DNS.
He probably did exactly that.
--
Insert your favourite quote here.
Erik Trulsson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Imap-uw and openssl certificate
On Wed, 19 Oct 2005 10:46:23 +0200 Frank Staals [EMAIL PROTECTED] wrote: Common Name (FQDN of your server) []: fstaals.net Common Name (default) []: localhost When I try to connect with my mail-client ( thunderbird ) it states that the mail-certificate doesn't match with the server I'm trying to access. When looking at the certificate in thunderbird it says certificate for localhost instead of certificate for fstaals.net. I don't realy know how to change this, so I'm kind of stuck. /usr/ports/mail/imap-uw ] # grep -r -i cert * shows that you can edit files/imap-uw.cnf and change the localhost-part however, you might want to consider installing a better imap-server like e.g. dovecot (/usr/ports/mail/dovecot) -- grtjs, albi gpg-key: lynx -dump http://scii.nl/~albi/gpg.asc | gpg --import ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Imap-uw and openssl certificate
Erik Trulsson wrote:
On Wed, Oct 19, 2005 at 03:49:15PM +0700, Olivier Nicole wrote:
Common Name (FQDN of your server) []: fstaals.net
The first answer that come to my mind is that your IMAP{ server is
certainly NOT called fstaals.net, but it should rather be
imap.fstaals.net or mail.fstaals.net or something.
Don't be so certain about that. fstaals.net *is* a valid hostname,
and its IP-address can easily be found via DNS, and it can be connected to.
It is often considered bad practice to have hostnames of that kind, but it
is quite possible to do it.
You must put the exact name of your server, as it is known by DNS and
reverse DNS.
He probably did exactly that.
The MX-configuration of my domain is pointing to fstaals.net , to add an
subdomain for my small mailserver seemed a bit exagerated, so that isn't
the problem. I can add a subdomain, but I don't see why that should help
since the certificate clearly says 'localhost'.
--
-Frank Staals
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Imap-uw and openssl certificate
albi wrote: On Wed, 19 Oct 2005 10:46:23 +0200 Frank Staals [EMAIL PROTECTED] wrote: Common Name (FQDN of your server) []: fstaals.net Common Name (default) []: localhost When I try to connect with my mail-client ( thunderbird ) it states that the mail-certificate doesn't match with the server I'm trying to access. When looking at the certificate in thunderbird it says certificate for localhost instead of certificate for fstaals.net. I don't realy know how to change this, so I'm kind of stuck. /usr/ports/mail/imap-uw ] # grep -r -i cert * shows that you can edit files/imap-uw.cnf and change the localhost-part Thanks, that did the trick however, you might want to consider installing a better imap-server like e.g. dovecot (/usr/ports/mail/dovecot) I'm going to read as much as possible about that and see if it will provide a great advantage compared to imap-uw for the goals I have. Thanks again -- -Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Imap-uw and openssl certificate
On 19 Oct Frank Staals wrote: Don't be so certain about that. fstaals.net *is* a valid hostname, and its IP-address can easily be found via DNS, and it can be connected to. The MX-configuration of my domain is pointing to fstaals.net , to add an subdomain for my small mailserver seemed a bit exagerated, so that isn't the problem. I can add a subdomain, but I don't see why that should help since the certificate clearly says 'localhost'. I ran this imap server for a short time but never had problems making and using a ssl cert. My server's called nagual.st. Are you sure the server indentifies as localhost even if contacted from the *outside* ? It does of course when you contact it from the local nic. As suggested using another imap server is also my idea. I don't use dovecot, but the whole courier mail package. It works like a charm. And is very fast. It does use maildirs though, unlike imap-uw. -- dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE ++ Running FreeBSD 4.11-stable ++ FreeBSD 5.4 + Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
