From: "Steinar Bang" <sb@dod.no>
To: ding@gnus.org
Subject: nnimap unable to open server unknown service 993
Date: Tue, 07 May 2013 13:00:08 +0200 [thread overview]
Message-ID: <op.wwpniicrgfp24t@nolsbang01.one.steria.dom> (raw)
Platform: Windows 7,
emacs 24.3.1,
Ma Gnus v0.8 (git HEAD),
GNU TLS gnutls-3.0.9-w32-bin.zip from
http://sourceforge.net/projects/ezwinports/files/
Summary: I haven't found a solution for the problem yet. Any
assistance/ideas/guesses will be appreciated.
What follows are my experiments and results.
When connecting I get the following messages in the minibuffer:
Opening nnimap server on privat...
Opening connection to imap.mydomain.com via tls...
Unable to open server nnimap+privat due to: Unknown service: 993
Opening nnimap server on privat...failed:
Connecting to the same IMAP server with Opera on the same computer,
succeeds (so there should be no firewall issues).
The nnimap server is defined as a secondary select method:
(setq gnus-secondary-select-methods
'((nnimap "privat"
(nnimap-address "imap.mydomain.com")
(nnimap-authenticator cram-md5)
(nnimap-stream ssl))
(nntp "news.gmane.org")
(nndiary "")
))
I have installed GNU TLS by downloading the bin.zip file from the above
URL, extracting all DLL files in the bin directory of the zip file, and
dropping them into the emacs bin directory. That makes emacs 24 pick them
up and use the built-in TLS.
I have googled for this error message and found this thread:
https://groups.google.com/forum/?fromgroups=#!topic/gnu.emacs.gnus/vTPHwp0hVak
which probably isn't the issue, because
1. My c:/Windows/System32/drivers/etc/services contain the line:
imaps 993/tcp #IMAP4 protocol
over TLS/SSL
2. I'm running git gnus HEAD, which should contain the fix that Lars
talked about at the end of the thread
I found this thread which looked more promising:
http://thread.gmane.org/gmane.emacs.gnus.user/14695
From that thread it looked like the cause of the error message, might be a
certificate issue. My IMAP server's certificate is signed by
http://cacert.org so not having the Cacert.org CA certificate installed
where GNU TLS could find it, looked like a likely culprit.
The question was then: where should I drop the cacert.org CA certificate
so that the GNU TLS DLL in emacs would pick it up?
Googling some more, I found this:
http://www.gnu.org/software/emacs/manual/html_node/emacs-gnutls/Help-For-Users.html
The value of gnutls-trustfiles, was:
("/etc/ssl/certs/ca-certificates.crt" "/etc/pki/tls/certs/ca-bundle.crt"
"/etc/ssl/ca-bundle.pem" "/usr/ssl/certs/ca-bundle.crt")
I downloaded the cacert.org class 1 sertificate from
http://www.cacert.org/index.php?id=3
I saved the downloaded file as
C:\ProgramFiles\emacs-24.3\etc\gnutls\cacert.org_root.crt
I evaluated the following in the scratch buffer:
(push "C:/ProgramFiles/emacs-24.3/etc/gnutls/cacert.org_root.crt"
gnutls-trustfiles)
I then tried to start gnus, but I got the same issue.
I have tried the log levels 1, 2 and 5, by evaluating
(setq gnutls-log-level 1)
and then tried `M-x gnus', and when that didn't give anything meaningful,
I evaluated
(setq gnutls-log-level 2)
and then tried `M-x gnus', and when that didn't give anything meaningful,
I evaluated
(setq gnutls-log-level 5)
and then tried `M-x gnus'.
But not even log level 5 gave me any clue that there were CA issues with
the nnimap connection.
It did show that GNU TLS was active, though. And that GNU TLS used the
cacert.org cert, when trying to open an nntps connection to news.gmane.org:
Opening nnimap server on privat...
Opening connection to imap.mydomain.com via tls...
Unable to open server nnimap+privat due to: Unknown service: 993
Opening nnimap server on privat...failed:
Opening nntp server on news.gmane.org...
gnutls.c: [1] (Emacs) allocating credentials
gnutls.c: [2] (Emacs) allocating x509 credentials
gnutls.c: [2] (Emacs) using default verification flags
gnutls.c: [1] (Emacs) setting the trustfile:
C:/ProgramFiles/emacs-24.3/etc/gnutls/cacert.org_root.crt
gnutls.c: [1] (Emacs) gnutls callbacks
gnutls.c: [1] (Emacs) gnutls_init
...[snip! news.gmane.org stuff]
next reply other threads:[~2013-05-07 11:00 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-07 11:00 Steinar Bang [this message]
2013-05-07 16:05 ` David Engster
2013-05-07 21:34 ` Steinar Bang
2013-05-07 21:42 ` nntp server news.gmane.org tries to use gnutls (Was: nnimap unable to open server unknown service 993) Steinar Bang
2013-05-07 21:53 ` nntp server news.gmane.org tries to use gnutls Adam Sjøgren
2013-05-07 23:20 ` Steinar Bang
2013-05-08 0:17 ` Katsumi Yamaoka
2013-05-08 8:44 ` Adam Sjøgren
2013-05-08 11:38 ` Steinar Bang
2013-05-08 21:19 ` Adam Sjøgren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=op.wwpniicrgfp24t@nolsbang01.one.steria.dom \
--to=sb@dod.no \
--cc=ding@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).