Subject: TLS engine:
To: netbsd-help <netbsd-help@netbsd.org>
From: Brent Newson <brent.newson@baldey.net>
List: netbsd-help
Date: 11/16/2001 13:27:53
Hi all can anyone please help with the following:
I have NetBSD 1.5.2 running the following relevant packages:
cyrus-imapd-2.0.16
perl-5.6.1nb6
db3-2.9.2
openssl-0.9.6nb2
cyrus-sasl-1.5.24nb3
All the packages have been set up with default configurations:
I can successfuly log into this mail server using imap on port 143 but
when i try and use imap over ssl i get the following error:
esme master[1529]: process 1539 exited, signaled to death by 11
Nov 16 13:02:35 esme imapd[1540]: TLS engine: cannot load CA data
Nov 16 13:02:35 esme imapd[1540]: starttls: TLSv1 with cipher (NONE)
(0/0 bits) no authentication
Nov 16 13:02:35 esme imapd[1540]: Undefined error: 0, closing connection
When i try to use the imtest utility from cyrus i get the following:
bash-2.05# imtest -t "" localhost
C: C01 CAPABILITY
S: * OK esme.webscreen-technology.com Cyrus IMAP4 v2.0.16 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE STARTTLS AUTH=DIGEST-MD5 AUTH=CRAM-MD5 X-NETSCAPE
S: C01 OK Completed
S01 OK Begin TLS negotiation now
Nov 16 13:07:51 esme imapd[1563]: TLS engine: cannot load CA data
Nov 16 13:07:51 esme imapd[1563]: TLS engine: No CA file specified.
Client side certs may not work
verify error:num=18:self signed certificate
Segmentation fault (core dumped)
Nov 16 13:07:51 esme imapd[1563]: starttls: TLSv1 with cipher (NONE)
(0/0 bits) no authentication
bash-2.05# Nov 16 13:07:51 esme imapd[1563]: Undefined error: 0, closing
connection
My question is doesnt anyone have a clue why this is doing this? I
realise that it is reading in the cert that i have created and self
signed but then imtest itself core dumps. I have tried looking for a way
to increase the debug level of either the cyrus-master or cyrus-imapd
daemon with no luck. Can some suggest a way that i can either run or
recompile cyrus with greater debugging power? I have used the same
package versions on a redhat 7.2 box the server works fine with imap
over ssl. any suggestions would be greatly appreciated!
--
Cheers
Brent