I am willing to disable SSL on my dovecot servers (Debian GNU/Linux), leaving TLS as the only option. Before doing so, I would like to know who is still connecting via SSL with older or misconfigured clients, so to warn them and assist the migration to a TLS capable application. Is there a way to tell from the server logs (or any other means) who is still using SSL?
Asked
Active
Viewed 876 times
0
-
Did you mean connect via STARTTLS instead TLS? Or did you mean how to log client who using SSL(v3) and using TLS1, TLS1.1, TLS1,2? – masegaloeh May 04 '15 at 11:20
-
I need to identify and isolate connections like: SSLv2, SSLv3, STARTTLS+SSL from TLS or STARTTLS+TLS… – Gabriele May 05 '15 at 06:36
1 Answers
2
Try verbose_ssl = yes. This will make Dovecot log all the problems it sees with SSL connections.
Markus
- 184
- 4