On Friday, 26 March 2021 1:47:53 ACDT Marcus Meissner wrote:
On Thu, Mar 25, 2021 at 11:29:54PM +1030, Rodney Baker wrote:
On Friday, 19 March 2021 5:20:39 ACDT David Haller wrote:
Hello,
On Thu, 18 Mar 2021, Peter Suetterlin wrote:
Yes, I found that, but had no idea(*) how to use/set "NORMAL:-DHE-RSA" as a priority string :P
https://www.gnutls.org/manual/html_node/System_002dwide-configuration-of -the -library.html and the ones linked at the bottom, e.g.: https://www.gnutls.org/manual/html_node/Application_002dspecific-priorit y-st rings.html https://www.gnutls.org/manual/html_node/Overriding-the-parameter-verific ati on-profile.html
HTH, -dnh
So now I'm having the same problem with Kmail Version 5.16.3 (20.12.3). The GnuTLS docs suggest /etc/gnutls/config but that does not exist on TW, and I can't find any config parameter for Kmail. Any ideas, anyone?
IS your mailserver not supporting TLS 1.2?
you can try switching the gnutls/openssl to legacy mode:
update-crypto-policies --set LEGACY
Ciao, Marcus
Awesome, thanks, Marcus! I had to use 'cnf update-crypto-policies' and then install crypto-policy-scripts first, but then it worked and fixed the issue. So, I guess the answer to your question is, "No, it appears iiNet's smtp servers are not yet supporting TLS1.2." That will be the subject of a technical support request to my ISP to get them to fix it. Unfortunately I doubt that the first-level tech support monkeys will have any idea what to do about that. Hopefully they have enough initiative to escalate it to the right group. Regards, Rodney. -- ============================================================== Rodney Baker VK5ZTV rodney.baker@iinet.net.au CCNA #CSCO12880208 ==============================================================