We are running Kerio Connect on a Ubuntu 10.04 server.
I would like to enable perfect forward security.
Article with more information: http://heise.de/-1932806
When I check for perfect forward security with "openssl s_client -cipher 'ECDH:DH' -connect login.live.com:443", I get the following response
Protocol : TLSv1
Cipher : ECDHE-RSA-AES256-SHA
When running it against my machine i get
140334437996192:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:724:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 227 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
so my machine does not support ECHD.
Does anybody know how to activate ECHD for Kerio on Ubuntu ?
After more research: ECHD does not even seem to be installed on the machine.
root@kerio-ubuntu:~# openssl ciphers
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES -CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE -RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:RC 4-SHA:RC4-MD5:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SH A:DES-CBC-SHA:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DS S-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD 5:EXP-RC4-MD5:EXP-RC4-MD5
Does Kerio only work with the chiphers installed on the Server ?
Anybody an idea how to install it on Ubuntu 10.04?
[Updated on: Wed, 21 August 2013 00:40]
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of