> On Sat, 11 Aug 2001 10:38:57 -0500,
> Amos Gouaux <[EMAIL PROTECTED]> (ag) writes:
ag> Has anybody installed a Verisign cert for SSL/TLS? Is this
ag> possible? We're planning on doing this so that there aren't client
ag> headaches with a locally signed cert.
I've gotten a bit further
One ssl thing I've seen a few times is that you must make sure to hold the
FQDN in the cert.
Tarjei
- Original Message -
From: "Kevin J. Menard, Jr." <[EMAIL PROTECTED]>
To: "chirs charter" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, August 17, 2001 11:00 PM
Subject: Re: SSL
From: Amos Gouaux <[EMAIL PROTECTED]>
Date: Sun, 19 Aug 2001 12:41:38 -0500
# this is from the certs directory of openssl-0.9.6b
tls_ca_path: /usr/local/ssl/certs
tls_ca_file: /usr/local/ssl/certs/vsignss.pem
Though, I *still* have to use "/ssl/novalidate-cert" with PINE. I
> On Sun, 19 Aug 2001 16:23:26 -0400,
> Lawrence Greenfield <[EMAIL PROTECTED]> (lg) writes:
lg> openssl x509 -in -hash
lg> At the top of the output, you'll see something like:
lg> d6e6472d
lg> Link "d6e6472d.0" to the actual cert file.
If I do this instead of using tls_ca_file, using
Cyrus-imapd (1.6.24) insists on advertising AUTH=CRAM-MD5, even though
this is a lie. This is (I think) one of the (many bad) side-effects of
SASL -- because of SASL cyrus advertises this AUTH, but in fact my
sasldb is utterly empty (all authentication is via PAM) and so any
client that takes
From: Amos Gouaux <[EMAIL PROTECTED]>
Date: Sun, 19 Aug 2001 20:46:26 -0500
If I do this instead of using tls_ca_file, using the same cert
(vsignss.pem) that's included with openssl, I get the same results:
depth=1 /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Aut
> On Sun, 19 Aug 2001 21:51:33 -0700,
> David Wright <[EMAIL PROTECTED]> (dw) writes:
dw> Cyrus-imapd (1.6.24) insists on advertising AUTH=CRAM-MD5, even
dw> though this is a lie. This is (I think) one of the (many bad)
dw> side-effects of SASL -- because of SASL cyrus advertises this AUT
> On Mon, 20 Aug 2001 01:09:04 -0400,
> Lawrence Greenfield <[EMAIL PROTECTED]> (lg) writes:
lg> I don't know why SSL_connect is failing. You have TLS working for you
lg> with a self-signed certificate?
I'll give that a try tomorrow.
--
Amos
Hi there,
I'm seeing strange errors since
I've upgraded from db-3.1.14 / cyrus 2.0.12
to db-3.3.11 / cyrus 2.0.16:
imapd[13375]: DBERROR db3: log_flush: LSN past current end-of-log
imapd[13375]: DBERROR db3: log_flush: LSN past current end-of-log
imapd[13375]: DBERROR: error closing: Invalid ar
