IMAP on Exchange server SSL issue

I am trying to setup IMAP access to my Exchange server 2016.

Followed these instructions

And I see this

[PS] C:\Windows\system32>Get-ImapSettings | Format-List *ConnectionSettings,*Bindings,X509CertificateName

InternalConnectionSettings : {ex-sx-01.domain.local:993:SSL, ex-sx-01.domain.local:143:TLS}
ExternalConnectionSettings : {exchange.domain.ch:143:TLS, exchange.domain.ch:993:SSL}
UnencryptedOrTLSBindings   : {[::]:143, 0.0.0.0:143}
SSLBindings                : {[::]:993, 0.0.0.0:993}
X509CertificateName        : wildcard-domain.ch

Open in new window

Which seems to be ok

However if I try to connect I get

MBP13:~ alex$ telnet exchange.domain.ch 993
Trying 000.000.210.252...
Connected to exchange.domain.ch.
Escape character is '^]'.
* BYE Connection is closed. 14
Connection closed by foreign host.
MBP13:~ alex$ 

Open in new window


MBP13:~ alex$ openssl s_client -connect exchange.domain.ch:993 -crlf
CONNECTED(00000005)
140736108229576:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.50.2/libressl/ssl/s23_clnt.c:565:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 318 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
---
MBP13:~ alex$ 

Open in new window

It would seem that my SSL setup is not correct ?!

Any suggestion / pointer ?
LVL 2
Alexandre TakacsCTOAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jose Gabriel Ortega CEE Solution Guide - CEO Faru Bonon ITCommented:
The problem is that a wildcard certificate can't be assigned to use IMAP.

https://www.lisenet.com/2014/configure-wildcard-ssl-certificate-for-pop-imap-on-exchange-2010-server/

Is IMAP Service enabled?
https://docs.microsoft.com/en-us/exchange/clients/pop3-and-imap4/configure-imap4

My suggestion Do not use IMAP or POP anymore you have an exchange server use, Outlook Anywhere or ActiveSync.

Jose
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Alexandre TakacsCTOAuthor Commented:
The problem is that a wildcard certificate can't be assigned to use IMAP.

Aha - good catch ! Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.