|
|
|
|
 Re: Kerio Connect 9.3.0 released [message #148847 is a reply to message #148843] |
Thu, 15 October 2020 11:43   |
Th.Bein
Messages: 1
Registered: April 2019
|
|
|
|
Our Kerio-Connect Server crashes from Time to time after update to 9.3.0. The reasons for crashing are well known, because here are a lot of detailed messages.
We are very unhappy with updates last time and the question is: Why GFI-Quality is so poor ?
My company gets into big problems and we lose money when the mail server is down...
Please Note we pay for your Service, Kerio-Connect is not freeware, so we must have safety for our mailserver.
So we need urgently a fix for the crashes!
But recently we as administrators have been really afraid of doing an update because something is always going wrong. That is totally unacceptable!
Please improve this situation as soon as possible if you do not want to lose your customers!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 Re: Kerio Connect 9.3.0 released [message #148871 is a reply to message #148725] |
Mon, 19 October 2020 07:43 |
pjandl
Messages: 1
Registered: October 2020
|
|
|
|
Version 9.3.0 has minimal 3 errors:
1) The service stops (specifically on CentOS8 and CentOS7) it runs for a maximum of 70 minutes (on CentOS7 exactly always 70 minutes.) BUT only in real operation, if the server is disconnected from the Internet it does not crash
2) The antivirus update is not downloaded unless the ValidateUpdateServer parameter in mailserver.cfg changes to 0. Don't have money for a certificate on the server with the update? This needs to be done on version 9.2.12 patch 1 (5027), so I assume there is a problem on the server side.
3) Version 9.3.0 marks a valid letsencrypt certificate as revoked. In last version 9.2.12 patch 1 (5027) is certifikate valid.
|
|
|
|
| Re: Kerio Connect 9.3.0 released [message #148872 is a reply to message #148865] |
Mon, 19 October 2020 09:47 |
han_swurst
Messages: 11
Registered: February 2019
Location: Germany
|
|
|
|
@ian.bugeja
So, LetsEncrypt Certificates should be suitable as it has 2048Bit RSA key. But user <_at_>centros wrote on page 2 that his LetsEncrypt certificate does not work.
Has anyone running kerio connect 9.3 with LetsEncrypt certificates?
|
|
|
|
|
|
|
|
| Re: Kerio Connect 9.3.0 released [message #148885 is a reply to message #148882] |
Tue, 20 October 2020 15:50 |
centros
Messages: 14
Registered: April 2018
|
|
|
|
Maybe the SSL-certificate issue only effects Linux distros or Centos in particular.
As I wrote before, we tried a freshly generated GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 with a size of 2.048 (version 3)
We also tried LetsEncrypt with a size of 4.096
Quoting Ian quoting OpenSSL website:
"The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited."
I can't see where our certificates don't match these requirements.
This is not a weak-certificate-issue...
|
|
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
