From owner-freebsd-questions@FreeBSD.ORG  Thu Apr  3 12:53:17 2014
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id A4AD7688
 for <freebsd-questions@freebsd.org>; Thu,  3 Apr 2014 12:53:17 +0000 (UTC)
Received: from cerebro.liukuma.net (cerebro.liukuma.net
 [IPv6:2a00:d1e0:1000:1b00::2])
 by mx1.freebsd.org (Postfix) with ESMTP id 5C1DF9A4
 for <freebsd-questions@freebsd.org>; Thu,  3 Apr 2014 12:53:17 +0000 (UTC)
Received: from cerebro.liukuma.net (localhost [127.0.0.1])
 by cerebro.liukuma.net (Postfix) with ESMTP id BC8228A016A
 for <freebsd-questions@freebsd.org>; Thu,  3 Apr 2014 15:55:00 +0300 (EEST)
DKIM-Filter: OpenDKIM Filter v2.8.3 cerebro.liukuma.net BC8228A016A
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=liukuma.net;
 s=liukudkim; t=1396529700;
 bh=L1oWN2dJxOXZjqqvHAIPzQgX9eYKiGSSjP1VJXMos2w=;
 h=From:To:References:In-Reply-To:Subject:Date;
 b=pI2UBq916KZCARienVRiSzbyfgkK05vgh+6EWQKSO30A+/N/RBI5y1guNpI8e9eTa
 8QkEPEvW9wWzh7+ogbX1HTKTRn4JvQ+UHtmnf+eBIyNVD9c60F+SngjFX/yzQzfoOd
 q8W/eTAt+oVW64d+1JPu8jgjHNXtHyF3a/MjbPXU=
X-Virus-Scanned: amavisd-new at liukuma.net
Received: from cerebro.liukuma.net ([127.0.0.1])
 by cerebro.liukuma.net (cerebro.liukuma.net [127.0.0.1]) (amavisd-new,
 port 10027)
 with LMTP id 4SyZwQ8iFYag for <freebsd-questions@freebsd.org>;
 Thu,  3 Apr 2014 15:55:00 +0300 (EEST)
Received: from Rivendell (dsl-kmibrasgw1-54f8d4-179.dhcp.inet.fi
 [84.248.212.179]) (using TLSv1 with cipher AES128-SHA (128/128 bits))
 (Client did not present a certificate)
 (Authenticated sender: ignatz@cerebro.liukuma.net)
 by cerebro.liukuma.net (Postfix) with ESMTPSA id D0DA78A0168
 for <freebsd-questions@freebsd.org>; Thu,  3 Apr 2014 15:54:59 +0300 (EEST)
DKIM-Filter: OpenDKIM Filter v2.8.3 cerebro.liukuma.net D0DA78A0168
Message-ID: <FA290CB23A2245D89B7B077F5FEA707A@Rivendell>
From: "Reko Turja" <reko.turja@liukuma.net>
To: <freebsd-questions@freebsd.org>
References: <wu738hueldy.fsf@banyan.cs.ait.ac.th>
In-Reply-To: <wu738hueldy.fsf@banyan.cs.ait.ac.th>
Subject: Re: I broke courier-imap
Date: Thu, 3 Apr 2014 15:52:56 +0300
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
 reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 15.4.3555.308
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3555.308
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Apr 2014 12:53:17 -0000

>> After upgrading courier-imap, I cannot connect anymore: every time I
>> try starting TLS I get the error:
>
> I got it.
>
> It seems that for some unclear reason, courietls (or is that openssl)
> need a file dhparam, even when I am using RSA and not Diffie-Hellman...

TLS1+ EDH "forward secrecy" ciphers defined to be used with Courier in 
Couriers .conf (can default to that if no ciphers are defined) and new 
Courier brought in forward secrecy and TLS1.x support perhaps?

-Reko