From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.2) Gecko/20030110 Description of problem: Imap-2001a is configured for normal IMAP on port 443. It works fine. The mail client (Mozilla v1.2.1) is configured to use SSL on port 993. An attempt to connect to the secure IMAP server hangs forever until "stop" is pressed. A sniff on the connection shows that the SSL handshake happens, but nothing after this. The /var/log/maillog file shows this: Mar 10 20:42:18 broadway imapd[25269]: imaps SSL service init from 192.168.0.201 And nothing else. The machine is configured to use user accounts authenticated against an LDAP server. This LDAP system works fine. The cert being used is a cert signed by our own CA cert, and works both in our Apache server and OpenLDAP server. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: See above. Additional info:
After further digging through documentation, imap-2001a seems to insist that SSL certs are signed by what it calls "a trusted certificate authority". Nowhere in the docs does it describe where it might find a list of trusted certificate authorities. Adding our private CA certificate to the /usr/share/ssl/certs/ca-bundle.crt file (the only database of trusted certs anywhere on the system) makes no difference - imap still hangs. If imaps was being anal about it's certificate support, it would help *a whole bunch* if something to that effect was written to /var/log/maillog.
There is no doubt that your concern is valid, however there is nothing we can do about this. Please consider using one of the better supported IMAP servers like dovecot or cyrus-imapd in FC2+.