Bug 123108 - cannot install certificates made by openssl CA toolkit
Summary: cannot install certificates made by openssl CA toolkit
Alias: None
Product: Fedora
Classification: Fedora
Component: imap
Version: 1
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: John Dennis
QA Contact: David Lawrence
Depends On:
TreeView+ depends on / blocked
Reported: 2004-05-12 15:45 UTC by Edward Pilipczuk
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2006-10-28 16:34:56 UTC

Attachments (Terms of Use)

Description Edward Pilipczuk 2004-05-12 15:45:54 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)

Description of problem:
I have created private CA (using openssl CA shellscript) with the 
default directory structure. 
cacert.pem is the root certificate for that CA
in the CA home directory the CSR has been generated: 
$ openssl req -new -keyout imap.csr -out imap.csr -days 365
then this request is signed by this CA
$ openssl ca -policy policy_anything -out imap.pem -infiles imap.csr
having imap.csr (that kontains private key) and imap.pem certificate
I have created imapd.pem and ipop3d.pem files in 
the /usr/share/ssl/crets directories (original selfsigned 
certificates are replaced)
The result is:
- pop3s tcp connection is established from the client
- SSL HELLO command is send
- pop3s daemon reports attempt of the conenction 
and then is a silence ... ipop3d proces hangsup its service!  
POP3S client terminates the session with timeout condition.

Version-Release number of selected component (if applicable):
imap-2002d-3, openssl-0.9.7a-33.10

How reproducible:

Steps to Reproduce:
see in description

Actual Results:  pop3 and imap ssl session hangs up

Expected Results:  pop3s session working stable

Additional info:

Comment 1 Matthew Miller 2006-07-11 17:28:36 UTC
Fedora Core 1 is maintained by the Fedora Legacy project for security updates
only. If this problem is a security issue, please reopen and reassign to the
Fedora Legacy product. If it is not a security issue and hasn't been resolved in
the current FC5 updates or in the FC6 test release, reopen and change the
version to match.


NOTE: Fedora Core 1 is reaching the final end of support even by the Legacy
project. After Fedora Core 6 Test 2 is released (currently scheduled for July
26th), there will be no more security updates for FC1. Please use these next two
weeks to upgrade any remaining FC1 systems to a current release.

Comment 2 John Thacker 2006-10-28 16:34:56 UTC
Closing per lack of response to previous comment.  Note that FC1 and FC2 are no
longer supported even by Fedora Legacy.  If this still occurs on FC3 or FC4,
please assign to that version and Fedora Legacy.  If it still occurs on FC5 or
FC6, please reopen and assign to the correct version.

Note You need to log in before you can comment on or make changes to this bug.