IMAP STARTTLS and SSL/TLS

Discussion forum for Enterprise Edition.
Post Reply
sindrehi
Posts: 105
Joined: Fri Apr 15, 2005 7:58 am

IMAP STARTTLS and SSL/TLS

Post by sindrehi »

Hi,

Is it possible to enable both STARTTLS and SSL/TLS on IMAP?
We have already SSL/TLS working. To enable STARTTLS i found out I had to remove "Require SSL" checkox after listen to alternate port. But then the SSL/TLS option is not working anymore.
From what I understand STARTTLS is more secure than SSL/TLS, so it would be great to be able to offer this option. But if we change setup, then all clients already using SSL/TLS setup will fail.

Best Regards,
Sindre

kiamori
Posts: 329
Joined: Wed Nov 04, 2009 1:39 am
Contact:

Re: IMAP STARTTLS and SSL/TLS

Post by kiamori »

Any response for this?

Maranda
Posts: 27
Joined: Mon Dec 11, 2017 8:10 pm

Re: IMAP STARTTLS and SSL/TLS

Post by Maranda »

sindrehi wrote:
Wed Nov 13, 2019 8:27 am
Hi,

Is it possible to enable both STARTTLS and SSL/TLS on IMAP?
We have already SSL/TLS working. To enable STARTTLS i found out I had to remove "Require SSL" checkox after listen to alternate port. But then the SSL/TLS option is not working anymore.
From what I understand STARTTLS is more secure than SSL/TLS, so it would be great to be able to offer this option. But if we change setup, then all clients already using SSL/TLS setup will fail.

Best Regards,
Sindre
You don't understand how STARTTLS (or TLS in general) works, it's used to "turn" an unsecure connection channel into a secure one after the connection is established. A SSL/TLS socket performs the TLS handshaking and secures the channel on connection establishment so there's no need of the STARTTLS roundtrip as that was already done at the beginning of the said connection.

Post Reply