我正在尝试使用Emacs gnus连接到我的gmail帐户。这是相关的配置代码,主要取自这里:
(setq tls-program '("openssl s_client -CAfile C:/Users/GGustafson/gmail.crt -connect %h:%p -no_ssl2 -ign_eof"))
(setq gnus-select-method '(nnimap "gmail"
(nnimap-address "imap.gmail.com")
(nnimap-server-port 993)
(nnimap-stream ssl)
(nnimap-authinfo-file "~/.authinfo")))
(setq message-send-mail-function 'smtpmail-send-it
smtpmail-starttls-credentials '(("smtp.gmail.com" 587 nil nil))
smtpmail-auth-credentials '(("smtp.gmail.com" 587 "gordon3.14@gmail.com" nil))
smtpmail-default-smtp-server "smtp.gmail.com"
smtpmail-smtp-server "smtp.gmail.com"
smtpmail-smtp-service 587)
当我重新启动、启动emacs并执行M-x gnus时,我会得到这些*Messages*:
Opening connection to imap.gmail.com via tls...
gnutls.c: [1] (Emacs) GnuTLS library not found
Opening TLS connection to `imap.gmail.com'...
Opening TLS connection with `openssl s_client -CAfile C:/Users/GGustafson/gmail.crt -connect imap.gmail.com:993 -no_ssl2 -ign_eof'...done
Opening TLS connection to `imap.gmail.com'...done
nnimap (gmail) open error: 'depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority^M
'. Continue? (y or n) y
这里到底发生了什么?以前我遇到过一些verify error:num=20:unable to get local issuer certificate错误,但我按照以下说明修复了这些错误,这些说明要求我添加带有适当证书副本的-CAfile参数。
为了确认这一点,我可以这样做:
C:UsersGGustafson>openssl s_client -CAfile C:/Users/GGustafson/gmail.crt -connect imap.gmail.com:993 -no_ssl2 -ign_eof
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2 verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = imap.gmail.com verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
i:/C=US/O=Google Inc/CN=Google Internet Authority G2
1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
****SNIP****
Start Time: 1387083719
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
* OK Gimap ready for requests from 128.84.124.191 el7if9939594qeb.109
使用gnus阅读我的Gmail缺少什么?我在Windows7上使用Cygwin-openssl。
我在Windows7上需要做的一件事是:
;; So gnutls can find trustfiles on windows
(eval-after-load "gnutls"
'(progn
(setq gnutls-trustfiles '("c:/cygwin/usr/ssl/certs/ca-bundle.trust.crt" "c:/cygwin/usr/ssl/certs/ca-bundle.crt"))))
除此之外,其他设置类似:
(setq gnus-secondary-select-methods
'(
(nnimap "gmail"
(nnimap-address "imap.gmail.com")
(nnimap-server-port 993)
(nnimap-stream ssl)
(nnir-search-engine imap)
(nnimap-authinfo-file "~/.authinfo")
)
(nntp "news.gmane.org")
(nnfolder "archive"
(nnfolder-directory "~/Documents/Text/Gnus/Mail/archive")
(nnfolder-active-file "~/Documents/Text/Gnus/Mail/archive/active")
(nnfolder-get-new-mail nil)
(nnfolder-inhibit-expiry t))))
能够阅读来自gmail的邮件。
对我有用的是为windows使用gnutls端口,而不是openssl,并删除tls-program的任何自定义。如果gnutls中的二进制文件在您的路径上,Emacs将自动使用它们,因为gnutls-cli是第一个尝试使用默认值tls-program的程序。
我建议在尝试openssl之前使用gnutls,它在默认情况下可能是第一位的,这是有原因的。