Oh, my. That was intended for Nathan only. (Thanks, Evolution!)
I don't mind Mike's silliness. It encourages me to post questions
about e.g. why Google Play Store will not update while OpenVPN is up...
were I actually to take the time to put together all the ancillary
documentation, like my network topology.... oy.
I wonder where THIS email will go.
Maybe we can talk about Stross's Vile Offspring and how to avoid being
left behind. Maybe I need to assume corporeality and hit the
stammtisch... mumble.
On Thu, 2018-04-12 at 11:27 -0700, Matt Birkholz wrote:
> Hi Nathan,
>
> Did you get any help with this, or figure it out yourself by now?
>
> I have been doing similar things on a CoxBusiness static IP for years,
> so maybe I can help. (Also Mike's latest silliness makes me wish for
> more erudite discussions on PLUG. Smart questions going unanswered
> only makes it worse? :-)
>
> I included a couple quick "reactions" to your email (below) but maybe
> this is moot now, a week on.
>
> -Matt
>
> On Thu, 2018-04-05 at 20:29 -0700, Nathan O'Brennan wrote:
> > Hey all,
> >
> > I use Let's Encrypt on my web server, and I use the same certificate for
> > my postfix and dovecot services. Today I realized that my phone has not
> > alerted me to new messages. I logged into my webmail via Firefix (I
> > don't usually log into webmail until my phone says I have mail) and sure
> > enough, I had quite a bit of mail, so I opened my BlueMail app and it
> > will not connect because my certificate cannot be verified.
> >
> > Firefox works fine on webmail.
> > Chrome works fine on webmail.
> > Postfix, Apache, and Dovecot all operate correctly without warnings.
> >
> > Bluemail, Thunderbird, and Kmail all fail to connect because the
> > certificate cannot be verified.
>
> You did not attach the intermediate certificates?
>
> > I had to accept the certificate to use it on my phone. Has Let's Encrypt
> > changed something? Or what? I don't get any errors on my server, dovecot
> > reports a username of <> during the initial handshake, which I think is
> > normal, then reports an error only when my phone attempts to connect
> > which looks like:
> >
> >
> > Apr 05 20:26:23 codezilla.xyz dovecot[1699]: imap-login: Disconnected
> > (no auth attempts in 3 secs): user=<>, rip=70.xxx.aaa.162,
> > lip=138.197.192.135, TLS handshaking: SSL_accept() failed:
> > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
> > unknown: SSL alert number 46, session=<xsrZniVpOQBGsb2i>
> >
> > Best I can tell this is a failure on my server's attempt to verify my
> > phone's certificate?
>
> Your phone has an IMAP client certificate? I missed that part.
>
> The error message actually looks like mine when certificates do not
> validate and clients do not attempt to log in.
>
> > Any help would be appreciated.
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)