Hi Timo,
From other server:
gnutls-cli --starttls -p 143 ip
Resolving 'ip'...
Connecting to 'ip:143'...
- Simple Client Mode:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready.
9 starttls
9 OK Begin TLS negotiation now.
*** Starting TLS handshake
- Ephemeral Diffie-Hellman parameters
- Using prime: 1032 bits
- Secret key: 1016 bits
- Peer's public key: 1024 bits
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
# The hostname in the certificate does NOT match 'ip'.
Server log:
Feb 2 22:10:07 s13 dovecot: imap-login: Warning: SSL: where=0x10,
ret=1: before/accept initialization [83.170.89.109]
Feb 2 22:10:07 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: before/accept initialization [83.170.89.109]
Feb 2 22:10:07 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv2/v3 read client hello A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 read client hello A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write server hello A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write certificate A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write key exchange A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write server done A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 flush data [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read client certificate A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 read client key exchange A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=-1: SSLv3 read certificate verify A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 read finished A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write change cipher spec A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 write finished A [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2001,
ret=1: SSLv3 flush data [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x20,
ret=1: SSL negotiation finished successfully [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL: where=0x2002,
ret=1: SSL negotiation finished successfully [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Warning: SSL alert:
where=0x4008, ret=256: warning close notify [83.170.89.109]
Feb 2 22:10:08 s13 dovecot: imap-login: Disconnected (no auth
attempts): rip=83.170.89.109, lip=109.200.5.221, TLS: Disconnected
Same error in thunderbird :(
Feb 2 22:12:44 s13 dovecot: imap-login: Disconnected (no auth
attempts): rip=83.61.13.57, lip=ip, TLS handshaking: Disconnected
Regards,
Lucas
On 02/02/2011 23:03, Timo Sirainen wrote:
On Wed, 2011-02-02 at 22:47 +0100, Lucas -LandM- wrote:
Same error:
gnutls-cli --starttls -p 143 ip
Resolving 'ip'...
Connecting to 'ip:143'...
- Simple Client Mode:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5] Dovecot ready.
9 STARTTLS
9 OK Begin TLS negotiation now.
*** Starting TLS handshake
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
Try connecting from localhost. Maybe you have a broken proxy/firewall in
the middle.
