Bug 85912 - Imapd hangs when accessed via SSL
Imapd hangs when accessed via SSL
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: imap (Show other bugs)
7.3
i386 Linux
medium Severity high
: ---
: ---
Assigned To: John Dennis
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-03-10 14:02 EST by Graham Leggett
Modified: 2007-04-18 12:51 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-19 23:40:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Graham Leggett 2003-03-10 14:02:00 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.2) Gecko/20030110

Description of problem:
Imap-2001a is configured for normal IMAP on port 443. It works fine.

The mail client (Mozilla v1.2.1) is configured to use SSL on port 993. An
attempt to connect to the secure IMAP server hangs forever until "stop" is pressed.

A sniff on the connection shows that the SSL handshake happens, but nothing
after this.

The /var/log/maillog file shows this:

Mar 10 20:42:18 broadway imapd[25269]: imaps SSL service init from 192.168.0.201

And nothing else.

The machine is configured to use user accounts authenticated against an LDAP
server. This LDAP system works fine.

The cert being used is a cert signed by our own CA cert, and works both in our
Apache server and OpenLDAP server.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
See above.

Additional info:
Comment 1 Graham Leggett 2003-03-10 14:29:54 EST
After further digging through documentation, imap-2001a seems to insist that SSL
certs are signed by what it calls "a trusted certificate authority".

Nowhere in the docs does it describe where it might find a list of trusted
certificate authorities. Adding our private CA certificate to the
/usr/share/ssl/certs/ca-bundle.crt file (the only database of trusted certs
anywhere on the system) makes no difference - imap still hangs.

If imaps was being anal about it's certificate support, it would help *a whole
bunch* if something to that effect was written to /var/log/maillog.
Comment 2 Warren Togami 2004-09-19 23:40:00 EDT
There is no doubt that your concern is valid, however there is nothing
we can do about this.  Please consider using one of the better
supported IMAP servers like dovecot or cyrus-imapd in FC2+.

Note You need to log in before you can comment on or make changes to this bug.