From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/69816 Path: news.gmane.org!not-for-mail From: Peter Weiss Newsgroups: gmane.emacs.gnus.general Subject: IMAP SSL connection with certificate Date: Tue, 20 Jul 2010 10:56:52 +0200 Message-ID: <4C4564D4.1030302@ConSol.de> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: quoted-printable X-Trace: dough.gmane.org 1279621550 11215 80.91.229.12 (20 Jul 2010 10:25:50 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Tue, 20 Jul 2010 10:25:50 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M18206@lists.math.uh.edu Tue Jul 20 12:25:49 2010 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1ObA1F-0003PE-9E for ding-account@gmane.org; Tue, 20 Jul 2010 12:25:49 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1ObA0Z-0001QO-QQ; Tue, 20 Jul 2010 05:25:07 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1Ob8dh-0000xo-IZ for ding@lists.math.uh.edu; Tue, 20 Jul 2010 03:57:25 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtp (Exim 4.72) (envelope-from ) id 1Ob8df-0007Zd-Jm for ding@lists.math.uh.edu; Tue, 20 Jul 2010 03:57:24 -0500 Original-Received: from gate2.consol.net ([194.246.122.12] helo=gw2.consol.de) by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian)) id 1Ob8de-0001vo-00 for ; Tue, 20 Jul 2010 10:57:22 +0200 Original-Received: from sol1.bb.consol.de (sol1.bb.consol.de [10.250.0.71]) by gw2.consol.de (8.14.4/8.14.4) with ESMTP id o6K8uqkk078531 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 20 Jul 2010 10:56:52 +0200 (CEST) (envelope-from Peter.Weiss@ConSol.de) Original-Received: from [10.5.0.9] (ray3.roc.consol.de [10.5.0.9]) by sol1.bb.consol.de (8.13.8+Sun/8.13.7) with ESMTP id o6K8uqEe011195 for ; Tue, 20 Jul 2010 10:56:52 +0200 (CEST) User-Agent: Thunderbird 2.0.0.23 (X11/20090910) X-purgate-type: clean X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de X-purgate: clean X-purgate: This mail is considered clean (visit http://www.eleven.de for further information) X-purgate-size: 3723 X-purgate-ID: 153102::1279616212-00006D99-479127E5/0-0/0-0 X-Virus-Scanned: clamav-milter 0.96 at gw2.consol.de X-Virus-Status: Clean X-Spam-Score: -1.9 (-) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:69816 Archived-At: Hello I'm trying to setup imap access using openssl. The problem is that the authentication only works with a client certificate, but no password request is seen when starting gnus The setup is: (setq gnus-select-method '(nnimap "xxxxxx" (nnimap-address "imap.xxxxxx.de")= (nnimap-server-port 993) (nnimap-authenticator login) (nnimap-stream ssl) (nnimap-authinfo-file "/home/peter/.authinfo") (nnimap-user "weiss")) From the imap-log buffer: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 1 -> imap-opened: buffer=3D" *nnimap* xxxxxx" 1 <- imap-opened: nil =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D 1 -> imap-open: server=3D"imap.xxxxxx.de" port=3D993 stream=3Dssl auth=3D= login=20 buffer=3D" *nnimap* xxxxxx" | 2 -> imap-opened: buffer=3D" *nnimap* xxxxxx" | 2 <- imap-opened: nil | 2 -> imap-open-1: buffer=3D" *nnimap* xxxxxx" | | 3 -> imap-ssl-open: name=3D"imap" buffer=3D" *nnimap* xxxxxx"=20 server=3D"imap.xxxxxx".de" port=3D993 | | | 4 -> imap-parse-greeting: | | | 4 <- imap-parse-greeting: nil | | | 4 -> imap-parse-greeting: | | | 4 <- imap-parse-greeting: nil | | | 4 -> imap-parse-greeting: [...] Gnus just hangs. Emacs starts the correct openssl command: openssl s_client -quiet -host imap.xxxxxx.de -port 993 -cert=20 /home/peter/Xxxxxx/Xxxxxx-cert.pem If I enter this on the command line the connection can be established IMH= O: ~:1> openssl s_client -quiet -host imap.xxxxxx.de -port 993 -cert=20 /home/peter/Xxxxxx/Xxxxxx-cert.pem Enter pass phrase for /home/peter/Xxxxxx/Xxxxxx-cert.pem: depth=3D0=20 /serialNumber=3Dr9xSb8CojWsg1RgsEAgSbLIPCy2IWbC2/C=3DDE/O=3D*.xxxxxx.de/O= U=3DGT91455568/OU=3DSee=20 www.rapidssl.com/resources/cps (c)10/OU=3DDomain Control Validated -=20 RapidSSL(R)/CN=3D*.xxxxxx.de verify error:num=3D20:unable to get local issuer certificate verify return:1 depth=3D0=20 /serialNumber=3Dr9xSb8CojWsg1RgsEAgSbLIPCy2IWbC2/C=3DDE/O=3D*.xxxxxx.de/O= U=3DGT91455568/OU=3DSee=20 www.rapidssl.com/resources/cps (c)10/OU=3DDomain Control Validated -=20 RapidSSL(R)/CN=3D*.xxxxxx.de verify error:num=3D27:certificate not trusted verify return:1 depth=3D0=20 /serialNumber=3Dr9xSb8CojWsg1RgsEAgSbLIPCy2IWbC2/C=3DDE/O=3D*.xxxxxx.de/O= U=3DGT91455568/OU=3DSee=20 www.rapidssl.com/resources/cps (c)10/OU=3DDomain Control Validated -=20 RapidSSL(R)/CN=3D*.xxxxxx.de verify error:num=3D21:unable to verify the first certificate verify return:1 * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID] sol1 Cyrus IMAP4 v2.3.8=20 server ready The .authinfo file is setup with correct login/ password. Any suggestions on how to get further? The stuff is seen with Gnus v5.13 GNU Emacs 23.1.1 (i486-pc-linux-gnu, GTK+ Version 2.20.0) of 2010-03-29=20 on rothera, modified by Debian TIA -- Peter --=20 Peter.Weiss@consol.de ConSol* Software GmbH Phone +49 89 45841-546 Consulting & Solutions Mobile +49 177 6040121 Franziskanerstr. 38 http://www.consol.de D-81669 M=FCnchen