Am 2014-07-25 15:08, schrieb Rasca Gmelch: > Hi Christian, > > Am 25.07.2014 um 14:19 schrieb Christian Mack: >> Hello Rasca Gmelch > >> Am 2014-07-23 14:38, schrieb Rasca Gmelch: >>> >>> sogo is installed under debian 7. I put the intermediate cert to >>> /etc/ssl/certs and checked that also the toplevel CA cert is >>> included in /etc/ssl/certs/. And did a "c_rehash". >>> > >> On Debian and Ubuntu systems you should use update-ca-certificates >> (packages ca-certificates). IIRC there are 2 different hashing >> algorithms used nowaday. update-ca-certificates will pick both or >> the correct one for your system. > >> I don't know if that fixes your problem though. > > Thank you for these notes. But I think using the c_rehash command > should also be fine, because it creates two hash links for every > certificate. > > >>> But it didn't help. It looks like debuging SSL in sogo is nearly >>> imposibble. No usefull messages in the logfiles - I had the same >>> bad experiance with openldap. >>> > >> What does your sieve server say on this STARTTLS sessions? > > I see in the sogo logfile: > > Mar 28 15:00:21 sogod [12226]: <0x0x7f0d49d18fa0[NGSieveClient]> TLS > started successfully. > > On the cyrus server logfile I see: > > cyrus/sieve[26762]: starttls: TLSv1 with cipher AES256-SHA (256/256 > bits new) no authentication >
So STARTTLS is working fine. Which error do you get afterwards on the sieve server? Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung Basisdienste 78457 Konstanz +49 7531 88-4416
smime.p7s
Description: S/MIME Cryptographic Signature