N0ury / ImapNote2

Sync your notes between Android, iOs devices and different accounts like Gmail, iCloud and others
GNU General Public License v3.0

TLS handshake error #21

Open hdatma opened 8 years ago

hdatma commented 8 years ago

The following holds on ImapNotes2 from Google Play: https://play.google.com/store/apps/details?id=com.Pau.ImapNotes2&hl=en

What you see is the relevant log entry from the Dovecot IMAPS server:

016-06-07T11:12:26.32349 2016-06-07T13:12:26 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=[omitted-client-ip], lip=[omitted-server-ip], TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown: SSL alert number 46

2016-06-07T11:12:27.16930 2016-06-07T13:12:27 imap-login: Info: Disconnected (no auth attempts in 1 secs): user=<>, rip=[omitted-client-ip], lip=[omitted-server-ip], TLS, TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

As evident from the log, the client fails the TLS handshake. The problem is specific to ImapNotes2, because Apple Notes and Thunderbird sync correctly.

The server Dovecot is configured to accept the following:

ssl_protocols = TLSv1 TLSv1.1 TLSv1.2
ssl_cipher_list = ECDHE+AEAD:ECDHE-RSA-AES256-SHA384
auth_mechanisms = cram-md5
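A small classifier for Dovecot imap-login lines like the two quoted above, added here as an illustration and not part of this issue or of the ImapNotes2 project: it pulls the TLS alert number out of an SSL_accept() failure and maps it to its RFC 5246 name, which separates a client that received and then rejected the server certificate (alert 46, certificate_unknown) from a protocol or cipher mismatch (alerts 40 and 70), where the handshake never gets that far. The log entries are constructed copies of the two lines in the report, and the regular expressions assume Dovecot's default imap-login wording.

```python
import re

# Constructed copies of the two Dovecot imap-login entries quoted in this issue
# (addresses omitted exactly as in the original report).
LOG_LINES = [
    "2016-06-07T13:12:26 imap-login: Info: Disconnected (no auth attempts in 0 secs): "
    "user=<>, rip=[omitted-client-ip], lip=[omitted-server-ip], TLS handshaking: "
    "SSL_accept() failed: error:14094416:SSL routines:SSL3_READ_BYTES:"
    "sslv3 alert certificate unknown: SSL alert number 46",
    "2016-06-07T13:12:27 imap-login: Info: Disconnected (no auth attempts in 1 secs): "
    "user=<>, rip=[omitted-client-ip], lip=[omitted-server-ip], TLS, "
    "TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)",
]

# TLS alert descriptions (RFC 5246, section 7.2.2); subset relevant to handshake logs.
# The second field is the handshake stage at which the peer sends that alert.
TLS_ALERTS = {
    40: ("handshake_failure", "negotiation"),        # no common protocol/cipher/params
    42: ("bad_certificate", "certificate validation"),
    43: ("unsupported_certificate", "certificate validation"),
    44: ("certificate_revoked", "certificate validation"),
    45: ("certificate_expired", "certificate validation"),
    46: ("certificate_unknown", "certificate validation"),  # peer could not validate cert
    48: ("unknown_ca", "certificate validation"),
    70: ("protocol_version", "negotiation"),
}

ALERT_RE = re.compile(r"SSL_accept\(\) failed: .*?SSL alert number (\d+)")
HANDSHAKE_OK_RE = re.compile(r"\bTLS, (TLSv[\d.]+) with cipher (\S+)")


def classify(line):
    """Classify one Dovecot imap-login line by where the TLS handshake ended."""
    m = ALERT_RE.search(line)
    if m:
        num = int(m.group(1))
        name, stage = TLS_ALERTS.get(num, ("unknown_alert", "unknown"))
        return {"outcome": "handshake_failed", "alert": num,
                "alert_name": name, "stage": stage,
                # A certificate alert is only sent after the client has received
                # the server's certificate, so protocol and cipher negotiation
                # had already succeeded when the client aborted.
                "negotiation_ok": stage == "certificate validation"}
    m = HANDSHAKE_OK_RE.search(line)
    if m:
        return {"outcome": "handshake_ok", "protocol": m.group(1), "cipher": m.group(2)}
    return {"outcome": "no_tls_info"}
```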

N0ury commented 8 years ago

Hi,

I use a dovecot imap server with the following:

ssl_protocols = !SSLv2 !SSLv3
no ssl_cipher_list
auth_mechanisms = plain
disable_plaintext_auth = no

and it works fine. In the log, I have:

dovecot: imap-login: Login: user=, method=PLAIN, rip=ww.xx.yy.zz, lip=ww.xx.yy.zz, mpid=30687, TLS, session=

But I must admit I'm not comfortable with TLS/SSL, and I have spent much time making ImapNotes2 work w/ and w/o TLS/SSL and w/ and w/o certificate, and with STARTTLS.

Can you please create an account for me, and send me credentials at nb@dagami.org. I'll do some tests to try to understand what's happening.

Regards

Noury

hdatma commented 8 years ago

Hi,

Sorry, this is a production system whose accounting rules do not allow guests.

Both Apple Notes and Thunderbird connect and sync very well, and therefore, the problem is on the specific client, namely, the combination of OS and software.

Our servers use libressl, where SSLv2 and SSLv3 are disabled/removed from source. The client giving problems is an Android 5.1.1, which supports both TLSv1.2 and ECDHE-RSA-AES256-SHA (0xc014), and is not compatible with sslv2 handshakes: https://www.ssllabs.com/ssltest/viewClient.html?name=Android&version=5.0.0&key=88

Are you sure ImapNotes2 can shake hands using TLSv1?