How exactly I can do a wireshark against ssl chart?by bobykus - Nginx Mailing List - English
I used tcpdump and ssldump ssldump -nr /var/tmp/www-ssl-client.cap New TCP connection #1: 52.166.193.38(14104) <-> 10.32.20.102(993) 1 1 0.0187 (0.0187) C>S Handshake ClientHello Version 3.3 resume [32]= 39 27 b8 51 63 0d 88 f5 47 fa 05 41 d0 b7 ac 3e 17 93 05 1b 24 47 a6 77 41 bd 45 07 42 25 de 25 cipher suitesby bobykus - Nginx Mailing List - English
Looks like since mid of Sept we can not use nginx as an imap(s) proxy for mobile outlook apps (both IOS and Android ). SSL handshake is just dropping like 2017/10/09 15:32:01 30391#0: *184 accept: 52.166.246.73 fd:44 2017/10/09 15:32:01 30391#0: *184 client 52.166.246.73 connected to 0.0.0.0:993 2017/10/09 15:32:01 30391#0: *184 SSL_do_handshake: -1 2017/10/09 15:32:01 30391#0: *184by bobykus - Nginx Mailing List - English
The manual Setting up SSL/TLS for a Mail Proxy https://www.nginx.com/resources/admin-guide/mail-proxy/ says Enable SSL/TLS for mail proxy with the ssl directive. If the directive is specified in the mail context, SSL/TLS will be enabled for all mail proxy servers. You can also enable STLS and STARTTLS with the starttls directive: mail { ... ssl on; starttls on;by bobykus - Nginx Mailing List - English