[Q] IMAP account configuration: missing option STARTTLS with encrypted password - Android Q&A, Help & Troubleshooting

Hello
I installed 4.1.1 on a MB525 (Defy) according to the honorable post in <http://forum.xda-developers.com/showthread.php?t=1768702> and it works like a charm!
One thing I am missing is: Configuration options for the IMAP account are not as fine granular as in the stock Motorola. Especially I can't configure to an IMAP server supporting the following:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
Means: IMAP with STARTTLS and encrypted (MD5) password
What is supported by the 4.1.1: None, SSL/TLS, SSL/TLS (all certs accepted), STARTTLS, STARTTLS (all certs accepted).
What I would need is STARTTLS with password encryption md5 (automatically detected or fixed configurable).
How could I solve this issue?
Regards
TinL

Q does not seem to be Question
Hello
it does not seem to be an issue for Android 4.1 in general.
Regards
TinL

Related

WiFi not connecting at Work (home OK) on TMous HD2

Mark here.
Thanks in advance for any help offered.
Searched around here and elsewhere since last year & can't find a solution. (please don't copy whole message in reply)
Ideal solution either: 1. Able to store/save settings and password so it does not need to be entered every day (many times) or 2. Load certificate correctly.
I have a TMous HD2 running Energy ROM (Feb 2011 version)
Connects fine to home WiFi's without prompts. Also to about 10 others when traveling - no probs.
It does not connect easily to my work WiFi. I have worked out a method, but I need to re-enter settings and password many times a day. With high security p/w with various characters etc it's a real pain.
To do so, I have setup link to WLANSettings.exe on home screen. I use these settings: 1. Work (not internet), 2. WPA2/AES, 3. PEAP (not Smart card or cert). OK. Then asks for login, password (no domain needed). First time enter login etc it doesn't connect. Second time I've learned to hit OK again and after a few seconds it connects.
If I go though the 'normal' WiFi setup it asks for a Certificate. I enter the server for the cert, password as above and it will not find it. They gave me a cert file ('home grown' PEAP Authority certificate Thawte Premium Server CA) but it loads into Intermediate, not Personal and does not work. Apparently iPhone & iPad link to cert server and install it fine.
Tried:
1. I tried Odyssey (Odyssey Access Client for Windows MobileCE - Juniper Networks ). Helps, but not perfect, but it messes up my home connection. so uninstalled (updated ROM since then)
2. Tried programs to load cert. No go. (p12imprt, pfximprt; smartphoneaddcert). Various error messages - can't remember them - along the lines of not signed, not .pfx cert etc.
3. Exported cert. from PC's (WinXP) Firefox. Can't convert it to a .pfx to use the above.
Work does not support Win Mobile. So no support offered - though they've tried to help.
The settings for my mates Nokia which does work are:
PEAP and the fields are:
Personal certificate: not defined
Authority certificate: Thawte Premium Server CA User name in use: user defined User name: 'must leave blank'
Realm in use: user defined
Realm: 'must leave blank'
Allow PEAPv0: Yes
Allow PEAPv1: Yes
Allow PEAPv2: No
Under MSCHAPv2 within PEAP settings are
User name : your 'username'
Prompt password: no
Password: your 'password'
Have tried following also (rough notes):
HKEY_LOCAL_MACHINE\Comm\EAP\Extension\25.
"InvokePasswordDialog" and "InvokeUserNameDialog" value 1, switch to 0. Works till restart.
go to commMan/ menu/ settings set work & proxy or commMan/Conns/conns
changed to HKLM, gone to directory comm\EAP\extension\25. added a folder called validateservercert and added a key to this folder - DWORD. it asks me to edit the DWORD value - in value data i have added 00000000 and selected hexadecimal.
add the key [HKEY_LOCAL_MACHINE\Comm\EAP\Extension\25] and [HKEY_LOCAL_MACHINE\Comm\EAP\Extension\26]

			
				
Mmm... 'tis a difficult one.
>"Ideal solution either: 1. Able to store/save settings and password so it does not
>need to be entered every day (many times) or 2. Load certificate correctly."
Another alternative would be software to manage WiFi login - that saves passwords.
I tried Odyssey, but it messed up home connections. WiFi Monster does not do it.
Anything out there?
Mark

Email in ACE SIII v7

This is a small tutorial in how to get working the AOSP ICS email app in ACE SIII rom by winxuser.
1-First of all download this app from this thread: http://forum.xda-developers.com/showthread.php?t=1728308&highlight=hotmail
2-Copy it to system/app using a root explorer and set permissions to rw-r-r
3-Reboot your device.
Note: If you want to sync a hotmail account follow this steps (thanks to xeni):
I was able to get it to work by doing the following however "Push" doesn't work so you will need to set a timer like 15+ minutes since hotmail doesn't allow anything lower then 15 mintues.
1. Enter username and password and click on manual setup
2. Choose POP3 setup
3. Server: pop3.live.com and Security Type: SSL/TLS Accept all certificates
4. Click next to outgoing settings
5. Verify smtp server is: smtp.live.com
6. Security Type: STARTTLS accept all certificates
I was able to send and receive email after performing the following setup.

Issue with Email.apk Jelly Bean 4.1.2 and Exchange

Hello all,
I installed [ROM] NexusHD2-JellyBean-4.1.2-CM10 V1.2 from tytung.
It is fine. I find it great.
But I have an issue to configure with my corporate exchange account.
My error log emaillog.txt is as following:
[11:17:53] AbstractSyncService| Testing EAS: my.server.adress, my_domain\my_user, ssl = 1
[11:17:53] ExchangeService| !!! EAS ExchangeService, onStartCommand, startingUp = false, running = false
[11:17:53] ExchangeService| Reconciling accounts...
[11:17:53] ExchangeService| !!! EAS ExchangeService, stopping self
[11:17:53] AbstractSyncService| Validation (OPTIONS) response: 500
[11:17:53] AbstractSyncService| Internal server error
[11:17:53] ExchangeService| !!! EAS ExchangeService, onDestroy
Click to expand...
Click to collapse
I can't get rid of the error:
[11:17:53] AbstractSyncService| Validation (OPTIONS) response: 500
[11:17:53] AbstractSyncService| Internal server error
Does someone know how to solve it? What is it meaning?
I searched hours on the xda forums and found lots of posts with issues concerning Email.apk and Exchange Server.
I tried different proposed solutions, but they didn't solved my case.
Here what I tried:
- Delete all accounts (even the google account), recreate the exchange account 1st ...
- Check my permissions in Active directory (The famous checkbox inherit permissions), which are correct.
- Reinstalled the rom.
- I tried to replace my apk with various Email.apk and Exchange2.apk without exchange security, it never worked.
- I tried with a pin lock screen, a password lockscreen or a pattern lock screen
- I found post speaking about issues concerning the exchange server SSL Certificate.
I tried the workaround with WIFI connection and shut down the connection, to finish the account configuration, but it didn't worked.
Instead of skipping the SSL certificate check and completing the account configuration, it cancelled/interrupted the account configuration.
- I tried to add the SSL certificate in the trusted certificates
- With my Email.apk V4.1 and Exchange2.apk v5.0 I never got the message to add the email application to the device administrator...
- I checked my settings with Moxier trial and Touchdown trial, and it worked. So my settings (account, domain, server) are correct. The only problem is the Email.apk on JB 4.1.2 !!!
I noticed that if i install a previous version of Email.apk (v2.3), I can configure my exchange account and sync mails, but the application is not stable on JB 4.1.2 and constantly crashes.
What could I do to solve that issue?
Do someone have a tip or hint?
Thanks in advance
Regards
A. Meladius

Certificate error when trying to establish email account connection

I am trying to connect an email app (AquaMail) on my phone (Sprint Samsung Note 4, stock rooted, Android OS 5.0.1) to my email server (IMAP) using SSL. When I try this, I get the following error message:
Incoming mail server (IMAP): Invalid security (SSL) certificate. java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
The server to which I am trying to connect is my own VPS. I do have a wild card certificate installed on the site and I believe it is installed properly. I say this because of the report I generated on www.ssllabs.com/ssltest:
Certificate: 100%
Protocol Support: 95%
Key Exchange: 90%
Cipher Strength: 90%
Two certification paths are shown: mail.mydomain.com -> StartCom Class 2 Primary Intermediate Server CA -> StartCom Certification Authority (one path shows this with SHA1withRSA and the other shows SHA256withRSA).
Looking at the Handshake Simulation section, it clearly shows that Android 5.0.0 functions properly, but is also shows that Java 7u25 has a 'protocol or cipher suite mismatch'. This same warning shows up for other, deprecated systems and is probably due to my having turned off older, insecure access protocols.
Can anyone suggest how to get this working properly? Yes, I could work around this by a) allowing all certificate or b) not using secure protocols; but neither of these are solutions.
Thank you for your help!

Android Password Authentication

I am trying to understand how the android password authenticator works in some specific app.
There is this line of code in the app:
PasswordAuthentication auth = java.net.Authenticator.requestPasswordAuthentication(url.host(), getConnectToInetAddress(proxy, url), url.port(), url.scheme(), challenge.getRealm(), challenge.getScheme(), url.url(), RequestorType.SERVER);
I know that the requestPasswordAuthentication function Ask the authenticator that has been registered with the system for a password. It then returns the username and password and store them in "auth".
My questions are:
what is the authenticator that has been registered with the system? where is this password stored? Where does it get the password from?

Categories

Resources