Red Hat Bugzilla – Bug 85912
Imapd hangs when accessed via SSL
Last modified: 2007-04-18 12:51:57 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.2) Gecko/20030110
Description of problem:
Imap-2001a is configured for normal IMAP on port 443. It works fine.
The mail client (Mozilla v1.2.1) is configured to use SSL on port 993. An
attempt to connect to the secure IMAP server hangs forever until "stop" is pressed.
A sniff on the connection shows that the SSL handshake happens, but nothing
The /var/log/maillog file shows this:
Mar 10 20:42:18 broadway imapd: imaps SSL service init from 192.168.0.201
And nothing else.
The machine is configured to use user accounts authenticated against an LDAP
server. This LDAP system works fine.
The cert being used is a cert signed by our own CA cert, and works both in our
Apache server and OpenLDAP server.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
After further digging through documentation, imap-2001a seems to insist that SSL
certs are signed by what it calls "a trusted certificate authority".
Nowhere in the docs does it describe where it might find a list of trusted
certificate authorities. Adding our private CA certificate to the
/usr/share/ssl/certs/ca-bundle.crt file (the only database of trusted certs
anywhere on the system) makes no difference - imap still hangs.
If imaps was being anal about it's certificate support, it would help *a whole
bunch* if something to that effect was written to /var/log/maillog.
There is no doubt that your concern is valid, however there is nothing
we can do about this. Please consider using one of the better
supported IMAP servers like dovecot or cyrus-imapd in FC2+.