AnsweredAssumed Answered

K9-mail and Android 4.4.2 ciphers

Question asked by Bob Watson on Feb 7, 2015
Latest reply on Feb 7, 2015 by Rob_T

Currently I have the following set in Dovecot on my server:

 

ssl_cipher_list = AES128+EECDH:AES128+EDH

 

When I connect with Thunderbird 31.4 I see the following in the log:

 

ECDHE-ECDSA-AES128-GCM-SHA256

 

When I connect with K9 mail (latest version) on Android 4.4.2 I see:

 

ECDHE-ECDSA-AES128-SHA

 

How can I get K9/Android to connect using GCM (ie ECDHE-ECDSA-AES128-GCM-SHA256)?

 

I had a look at:

 

Qualys SSL Labs - Projects / User Agent Capabilities: Android 4.4.2

 

and Android 4.4.2 does support:

 

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)   Forward Secrecy

 

So why won't it use the GCM cipher? Is this a K9 mail limitation?

Outcomes