Search found 264 matches

by dik23
Tue Oct 21, 2014 3:46 pm
Forum: Administrators
Topic: More OpenSSL vulnerabilities - NOT POODLE
Replies: 16
Views: 1521

More OpenSSL vulnerabilities - NOT POODLE

That's good to know, although early November does seem like quite a long time compared to how long it took the various flavours of Linux that Zimbra sits on to release updated versions of OpenSSL.



Is there a specific reason Zimbra can't use OpenSSL that's found in the repositories ?

by dik23
Tue Oct 21, 2014 8:56 am
Forum: Administrators
Topic: Reverse proxy, sharing port 443
Replies: 6
Views: 838

Reverse proxy, sharing port 443

The Outlook error I posted above was incorrect. It should have been : The certificate matched the certificate that's current on the machine : I have solved the Android ActiveSync issue but am still seeing this ZCO error. ActiveSync was fixed by altering the backed for ZImbra : backend zimbra &nb...
by dik23
Mon Oct 20, 2014 12:52 pm
Forum: Administrators
Topic: More OpenSSL vulnerabilities - NOT POODLE
Replies: 16
Views: 1521

More OpenSSL vulnerabilities - NOT POODLE

In case anyone cares there's a bug open for this.


However it's progress seems rather slow even though it's been marked "critical" by Zimbra and "Severity: High" by OpenSSL


Ho hum

by dik23
Thu Oct 16, 2014 12:11 pm
Forum: Administrators
Topic: More OpenSSL vulnerabilities - NOT POODLE
Replies: 16
Views: 1521

More OpenSSL vulnerabilities - NOT POODLE

I presume the following are an issue for Zimbra, since OpenSSL is built in. Patches have been released for OSs but I don't see anything for Zimbra


What should be done about :


CVE-2014-3513


CVE-2014-3567


I'm running 8.0.7 with OpenSSL 1.0.1h 5 Jun 2014



by dik23
Thu Oct 16, 2014 5:58 am
Forum: Administrators
Topic: Poodle - SSLv3 still active on SMTP-SSL (port 465) after using Wiki to disable
Replies: 4
Views: 876

Poodle - SSLv3 still active on SMTP-SSL (port 465) after using Wiki to disable

I am getting the same here However on the very same page there's the "test": for p in 993 995 443 ; do echo Port $p ; timeout 3 openssl s_client -connect `zmhostname`:$p -ssl3 |grep failure ; done which gives output that would suggest that it's ok : Port 993-su: timeout: command no...
by dik23
Mon Oct 13, 2014 8:39 am
Forum: Administrators
Topic: Reverse proxy, sharing port 443
Replies: 6
Views: 838

Reverse proxy, sharing port 443

Someone here must have an idea how I can reverse proxy Zimbra HTTPS ?



I feel as though I'm really close but am missing a small detail which causes the errors I'm seeing.
by dik23
Wed Oct 08, 2014 10:57 am
Forum: Administrators
Topic: Reverse proxy, sharing port 443
Replies: 6
Views: 838

Reverse proxy, sharing port 443

Thanks.



Does anyone else here have any idea how I can achieve this, using HAProxy or any alternative ?
by dik23
Tue Oct 07, 2014 5:44 pm
Forum: Administrators
Topic: Reverse proxy, sharing port 443
Replies: 6
Views: 838

Reverse proxy, sharing port 443

Can I use Zimbra Proxy to proxy to another machine on my LAN ?


What I read looked like it was meant for using another web daemon on the same server. Am I missing something ?


Does Zimbra Proxy pass ssl to the non-Zimbra machine ?

by dik23
Mon Oct 06, 2014 10:05 am
Forum: Administrators
Topic: Reverse proxy, sharing port 443
Replies: 6
Views: 838

Reverse proxy, sharing port 443

I'm running Zimbra running on a single IP, NATd with split DNS. This setup has been working fine for years.Now I'm needing to run another site on another machine on 443, the same port that's used for webmail etc. I've been trying to use HAProxy (version 1.5.4) to do this but am havin...
by dik23
Wed Oct 01, 2014 4:31 pm
Forum: General Zimbra Feedback
Topic: Tapatalk?
Replies: 2
Views: 621

Tapatalk?

Here's looking forwards to these forums offering the same, if not better / more, functionality that the excellent Tapatalk app currently does.


I suppose a shortcut to that would be to enable Tapatalk...


Go to advanced search