'[bincimap] cipher list argument'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lists-bincimap
Subject:    [bincimap] cipher list argument
From:       "Bryan Christ" <bryan.christ () clearworks ! net>
Date:       2003-04-16 17:22:18
[Download RAW message or body]

Here is a detailed output from openssl with the -state and -debug args

root@firewall:~# openssl s_client -connect 192.168.0.10:993 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 080AF928 [080AFDC0] (142 bytes => 142 (0x8E))
0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00   ......c... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0   8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00   ..3..2../.....f.
0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00   .............c..
0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40   b..a...........@
0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00   ..e..d..`.......
0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 52 92   ..............R.
0070 - 09 da 48 d0 f8 f0 f9 3f-c1 9b a1 95 5d cf 33 77   ..H....?....].3w
0080 - eb 82 c6 a7 36 a7 15 d4-24 d3 03 06 14 71         ....6...$....q
SSL_connect:SSLv2/v3 write client hello A
read from 080AF928 [080B5320] (7 bytes => 0 (0x0))
8858:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:

It is also clear from my maillog created by postfix that my pem key is useable:

setting up TLS connection from unknown[192.168.0.253]
Apr 15 23:27:16 mail postfix/smtpd[20136]: TLS connection established from \
unknown[192.168.0.253]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)

Also here is the error message that openssl gives me if I try to connect:

root@firewall:~# openssl s_client -connect 192.168.0.10:993
CONNECTED(00000003)
8339:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:

---------- Original Message ----------------------------------
From: "Bryan Christ" <bryan.christ <at> clearworks.net>
Reply-To: <bryan.christ <at> clearworks.net>
Date: Tue, 15 Apr 2003 14:57:51 -0500

> Does anyone know how to correctly use the "cipher list" argument in bincimap.conf.
> 
> I am using the standard conf template that comes with bincimap-1.1.4 and receive a \
> message from
my client (Evolution) that TLS / SSL negotiation failed. I suspect my "cipher list"
argument is wrong since my certificate and CA is working correctly with postfix. I \
grabbed this line out of my certificate if this helps:
> 
> Signature Algorithm: md5WithRSAEncryption
> 
> My thought was to change the part that said RC4+RSA to MD5+RSA. Am I on the right \
> train of
thought here? I can't find any documentation on this argument.
> 
> Thanks in advance,
> Bryan christ
> 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic