问题描述
第一篇文章;)
我正在尝试配置.mbsynrc以便能够在不久的将来使用mu4e。我的邮件服务器存在技术问题。运行mbsync example-channel
时,我至少遇到以下错误之一(取决于.mbsyncrc
文件的配置):
-
140047526913344:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
-
EE certificate key too weak
-
self signed certificate
-
certificate has expired
-
IMAP command 'LOGIN <user> <pass>' returned an error: NO [AUTHENTICATIONFailed] Authentication Failed.
(完全禁用所有安全性时)
我强迫主机(尽管他似乎并不关心证书),但我只想绕过这些错误。
IMAP连接可以正常使用Thunderbird上的以下信息(使用新电子邮件地址时,按照配置的顺序):
IMAP // imap.example.com // 143 // STARTTLS // normal password
邮件服务器本身存在安全问题,但无论如何我都必须使用它。 imaps服务器存在,但是由于Thunderbird无法管理它,并且出现相同的错误,因此我更喜欢使用IMAP端口143选项。有关服务器的更多详细信息:运行openssl s_client -connect imap.example.com:143 -showcerts -tls1_2 -starttls imap 2>&1 > edit_text.sh
时,我在edit_text.sh
中得到以下内容:
CONNECTED(00000003)
---
Certificate chain
0 s:CN = server_name.example.com,OU = default dovecot cert for server_name.example.com,emailAddress = root@server_name.example.com
i:CN = server_name.example.com,emailAddress = root@server_name.example.com
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
---
Server certificate
subject=CN = server_name.example.com,emailAddress = root@server_name.example.com
issuer=CN = server_name.example.com,emailAddress = root@server_name.example.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH,P-384,384 bits
---
SSL handshake has read 1544 bytes and written 401 bytes
Verification error: certificate has expired
---
New,TLSv1.2,Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: [...]
Session-ID-ctx:
Master-Key: [...]
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket: [...]
Verify return code: 10 (certificate has expired)
Extended master secret: no
---
以及TTY中的以下内容:
depth=0 CN = server_name.example.com,emailAddress = root@server_name.example.com
verify error:num=66:EE certificate key too weak
verify return:1
depth=0 CN = server_name.example.com,emailAddress = root@server_name.example.com
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = server_name.example.com,emailAddress = root@server_name.example.com
verify error:num=10:certificate has expired
notAfter=May 15 18:27:51 2016 GMT
verify return:1
depth=0 CN = server_name.example.com,emailAddress = root@server_name.example.com
notAfter=May 15 18:27:51 2016 GMT
verify return:1
. OK Pre-login capabilities listed,post-login capabilities have more.
.mbsyncrc文件用于这些测试(但我尝试了各种测试)。
IMAPAccount example
Host imap.example.com
User username@example.com
PassCmd "gpg -q --for-your-eyes-only --no-tty -d ~/email/.mbsync_example.gpg"
Port 143
SystemCertificates no
SSLType starttls
#CipherString DEFAULT@SECLEVEL=1
CipherString ECDHE-RSA-AES256-GCM-SHA384
SSLVersions TLSv1.2
#AuthMechs Login
PipelineDepth 1
#CertificateFile ~/email/example.pem #which corresponds to the certificate gotten through openssl
#CertificateFile /etc/ssl/certs/ca-certificates.crt
IMAPStore example-remote
Account example
Maildirstore example-local
Path ~/email/Maildir/example/
InBox ~/email/Maildir/INBox
希望它有据可查(仍然是第一篇文章;)),在此先感谢您的帮助!
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)