From: Peter Weiss <Peter.Weiss@ConSol.de>
To: ding@gnus.org
Subject: IMAP SSL connection with certificate
Date: Tue, 20 Jul 2010 10:56:52 +0200 [thread overview]
Message-ID: <4C4564D4.1030302@ConSol.de> (raw)
Hello
I'm trying to setup imap access using openssl. The problem is that the
authentication only works with a client certificate, but no password
request is seen when starting gnus
The setup is:
(setq gnus-select-method '(nnimap "xxxxxx"
(nnimap-address "imap.xxxxxx.de")
(nnimap-server-port 993)
(nnimap-authenticator login)
(nnimap-stream ssl)
(nnimap-authinfo-file
"/home/peter/.authinfo")
(nnimap-user "weiss"))
From the imap-log buffer:
======================================================================
1 -> imap-opened: buffer=" *nnimap* xxxxxx"
1 <- imap-opened: nil
======================================================================
1 -> imap-open: server="imap.xxxxxx.de" port=993 stream=ssl auth=login
buffer=" *nnimap* xxxxxx"
| 2 -> imap-opened: buffer=" *nnimap* xxxxxx"
| 2 <- imap-opened: nil
| 2 -> imap-open-1: buffer=" *nnimap* xxxxxx"
| | 3 -> imap-ssl-open: name="imap" buffer=" *nnimap* xxxxxx"
server="imap.xxxxxx".de" port=993
| | | 4 -> imap-parse-greeting:
| | | 4 <- imap-parse-greeting: nil
| | | 4 -> imap-parse-greeting:
| | | 4 <- imap-parse-greeting: nil
| | | 4 -> imap-parse-greeting:
[...]
Gnus just hangs.
Emacs starts the correct openssl command:
openssl s_client -quiet -host imap.xxxxxx.de -port 993 -cert
/home/peter/Xxxxxx/Xxxxxx-cert.pem
If I enter this on the command line the connection can be established IMHO:
~:1> openssl s_client -quiet -host imap.xxxxxx.de -port 993 -cert
/home/peter/Xxxxxx/Xxxxxx-cert.pem
Enter pass phrase for /home/peter/Xxxxxx/Xxxxxx-cert.pem:
depth=0
/serialNumber=r9xSb8CojWsg1RgsEAgSbLIPCy2IWbC2/C=DE/O=*.xxxxxx.de/OU=GT91455568/OU=See
www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.xxxxxx.de
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/serialNumber=r9xSb8CojWsg1RgsEAgSbLIPCy2IWbC2/C=DE/O=*.xxxxxx.de/OU=GT91455568/OU=See
www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.xxxxxx.de
verify error:num=27:certificate not trusted
verify return:1
depth=0
/serialNumber=r9xSb8CojWsg1RgsEAgSbLIPCy2IWbC2/C=DE/O=*.xxxxxx.de/OU=GT91455568/OU=See
www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.xxxxxx.de
verify error:num=21:unable to verify the first certificate
verify return:1
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID] sol1 Cyrus IMAP4 v2.3.8
server ready
The .authinfo file is setup with correct login/ password.
Any suggestions on how to get further?
The stuff is seen with
Gnus v5.13
GNU Emacs 23.1.1 (i486-pc-linux-gnu, GTK+ Version 2.20.0) of 2010-03-29
on rothera, modified by Debian
TIA -- Peter
--
Peter.Weiss@consol.de ConSol* Software GmbH
Phone +49 89 45841-546 Consulting & Solutions
Mobile +49 177 6040121 Franziskanerstr. 38
http://www.consol.de D-81669 München
next reply other threads:[~2010-07-20 8:56 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-20 8:56 Peter Weiss [this message]
2010-07-20 12:28 Peter Weiss
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C4564D4.1030302@ConSol.de \
--to=peter.weiss@consol.de \
--cc=ding@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).