Avatar for Username

Kërkoni te Asistenca

Shmangni karremëzime gjoja asistence. S’do t’ju kërkojmë kurrë të bëni një thirrje apo të dërgoni tekst te një numër telefoni, apo të na jepni të dhëna personale. Ju lutemi, raportoni veprimtari të dyshimtë duke përdorur mundësinë “Raportoni Abuzim”.

Mësoni Më Tepër

Kjo rrjedhë është arkivuar. Ju lutemi, bëni një pyetje të re, nëse keni nevojë për ndihmë.

OSX Server 5.1 IMAP Mail with Thunderbird. Certificate problem - can't connect from Win7

  • 1 përgjigje
  • 1 e ka hasur këtë problem
  • 4 parje
  • Përgjigjja më e re nga Matt

user1332724
user1332724
more options

We are setting up a new Apple OS X Server 5.1 provide an IMAP for internal mail. We are hoping to use Thunderbird as the client. On MAC workstations and laptops when we setup the new email account we are offered the option to accept and trust the local self signed certificate. Once accepted the email accounts function correctly. However, when trying the same procedure on Win7 workstations we don't get the option to trust and cannot connect to the IMAP server. We tried importing the certificate from one of the MAC workstations, but the Win7 workstation does not trust it. Any suggestions?

Just for info - file sharing, DHCP and DNS are operating correctly.

We are setting up a new Apple OS X Server 5.1 provide an IMAP for internal mail. We are hoping to use Thunderbird as the client. On MAC workstations and laptops when we setup the new email account we are offered the option to accept and trust the local self signed certificate. Once accepted the email accounts function correctly. However, when trying the same procedure on Win7 workstations we don't get the option to trust and cannot connect to the IMAP server. We tried importing the certificate from one of the MAC workstations, but the Win7 workstation does not trust it. Any suggestions? Just for info - file sharing, DHCP and DNS are operating correctly.

Krejt Përgjigjet (1)

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

My guess is SSL/TLS is not configured for the changes that occurred following logjam.

Ensure the server is functioning with TLS1.2 and that valid certificates of at least 2048bytes are used Everything before TLS1.2 is broken and should not be used. That includes SSL in it's entirety

Keys less than 2048 are also no longer long enough to provide anything like the encryption required.. Breaking them is now at the level of "trivial"