OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: AW: [suse-security] POP3 with Outlook SSL
From: Walter Krohe (wku2me.de)
Date: Tue Feb 01 2000 - 16:46:43 CST


Hi Bastian,

> So, what do they look like? My keys have 3 sections:
> -----BEGIN RSA PRIVATE KEY-----
> [....]
> -----END RSA PRIVATE KEY-----
> -----BEGIN CERTIFICATE-----
> [....]
> -----END CERTIFICATE-----
> -----BEGIN DH PARAMETERS-----
> [....]
> -----END DH PARAMETERS-----

My key has only 2 sections
-----BEGIN RSA PRIVATE KEY-----
[....]
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
[....]
-----END CERTIFICATE-----

made by this command:
openssl req -config /usr/ssl/openssl.cnf -nodes -new -x509 -keyout
my_cert.pem -out my_cert.pem -days 365

> > - changed /etc/inetd.conf as described
>
> maybe you want to post these lines?

pop3s stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sslwrap
-cert /usr/ssl/certs/my_cert.pem -port 110

> > - added secure ports to /etc/services
>
> That is
> imaps 993/tcp # imap4 protocol over TLS/SSL
> pop3s 995/tcp # pop3 protocol over TLS/SSL (was spop3)
> for me, right?

Right.

> > Forcing my Netscape to use TSL/SSL returns a lapidar message "Mailserver
> > seems not to work bla bla bla" instead of sending mail.
>
> AFAIK, Netscape just talks SSL with IMAP4 servers, SSL with POP servers is
> not yet implemented - at least in the linux versions.

mhh - I use the Win version 4.5. If so - I would not expect with the pop3
setting in Netscape-cfg that SMTP is not working. But I dont't know...

A little, little bug must there be ;-) ...

--
Walter Krohe, wku2me.de
Schwabstrasse 20, D-73760 Ostfildern
voice +49 711 3428 926, fax +49 711 3428 928

--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com