Control: clone -1 -2 Control: retitle -2 Notify user about tls_ciphers change in imapd.conf Control: severity -2 normal
Thanks for the testing - I am going to remove custom tls_ciphers from the default imapd.conf. It also probably needs a prompt or something to notify the user that he needs to modify the tls_versions and tls_ciphers Cheers, -- Ondřej Surý <ond...@sury.org> Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware, fast DNS(SEC) resolver Vše pro chleba (https://vseprochleba.cz) – Mouky ze mlýna a potřeby pro pečení chleba všeho druhu On Sat, Dec 3, 2016, at 16:24, Thorsten Zachmann wrote: > Hello, > > I see the same problem after upgrading cyrus. > > The option TLSv1.2:+TLSv1:+HIGH:!aNULL:@STRENGTH works but it is still > not > possible to connect with a TLSv1 only client like the BB10 Hup. > > I used the following configs > tls_versions: tls1_2 tls1_0 > tls_ciphers: TLSv1.2:+TLSv1:+HIGH:!aNULL:@STRENGTH > > Dec 3 16:23:01 host cyrus/imaps[13160]: no shared cipher in SSL_accept() > -> > fail > Dec 3 16:23:01 host cyrus/imaps[13160]: imaps TLS negotiation > failed:host. > [1.1.1.1] > > Thorsten > > _______________________________________________ > Pkg-Cyrus-imapd-Debian-devel mailing list > pkg-cyrus-imapd-debian-de...@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel
