Month: October 2011

Android Wish­list: The EMail-App

Things I do not like with Android, and what I would expect instead.

The EMail-App

 This is about the nor­mal EMail App on a stock Android 3.1, not about GMail. The con­nec­tion is via IMAP.

  • By default the most recent EMail is on top. If I switch to oldest-first order, the old­est EMail is shown when enter­ing a fold­er. I want to see the most recent one. If I let the most-recent order, I see direct­ly the newest mes­sages, but when I read the old­est unread mes­sage and delete it, the more old mes­sage is dis­played, instead of the more recent one. KMail is doing this bet­ter (it is able to go “up” instead of only “down” to go to the more recent mes­sage when the most recent mail is sort­ed on top), but in KMail I can not select mul­ti­ple mes­sages as easy as with the nor­mal EMail App (it seems I have to long-tap on a mail and then tell to select the EMail, and just then I can just quick­ly tab on the very small area on the left of the sub­ject to select more EMails).
  • Select­ing mes­sages could also be improved. When I select sev­er­al mes­sages, and then – by acci­dent – enter a mes­sage and want to go back, the first “go back” uns­e­lects all mes­sages and the sec­ond “go back” goes back to the folder-view. I would like to go back direct­ly to the folder-view, instead of uns­e­lect­ing all messages.
  • The folder-view itself is also not nice. I have a lot of fold­ers. IMAP sub­fold­ers are sep­a­rat­ed by a dot, e.g. FreeBSD.arch and FreeBSD.multimedia are the sub­fold­ers arch and mul­ti­me­dia in the fold­er FreeB­SD. Each desk­top EMail pro­gram I used so far was intel­li­gent enough to cre­ate a folder-hierarchy out of this, with the pos­si­bil­i­ty to col­lapse the dis­play of all sub­fold­ers of FreeB­SD (I have a lot there, not only those 2) into one entry. If I want to field some­thing in my hier­ar­chi­cal fold­er struc­ture, I have to scroll a long list of fold­ers, instead of just (auto-)opening (dur­ing drag&drop) the cor­rect hierarchy.
  • I do not find an option to tell that the App shall have a look at more than the default inbox to look for new mes­sages. If I want to know if there is a new mes­sage in one of the oth­er fold­ers, I must have a look into the folder(s).
  • It looks like I can only pro­duce TOFU-replies, I have not found a way to do a prop­er interleaved-style reply.
  • The error mes­sages when set­ting up an out­go­ing (and I assume incom­ing) serv­er are too brief for my taste. As a default it is OK, but there should be an option to enable more verbose/technical error mes­sages for those which are able to under­stand them.
  • It does not option­al­ly save send mails to a spe­cif­ic (con­fig­urable) folder.
  • It does not allow to cryp­to­cal­ly sign mes­sages (at the moment I do not real­ly care if it is via S/MIME or via PGP).
  • I also would like to tab with two fin­gers, and the text in-between is select­ed (not only in the EMail-App).
Share/Save

IBM HTTP Serv­er (7) and Verisign Inter­me­di­ate Certificates

I was fight­ing with the right way to add a recent Verisign cer­tifi­cate to a key­store for the IBM HTTP Serv­er (IHS). I have used the ikey­man util­i­ty on Solaris.

The prob­lem indi­ca­tor was the error mes­sage “SSL0208E: SSL Hand­shake Failed, Cer­tifi­cate val­i­da­tion error” in the SSL log of IHS.

The IBM web­sites where not real­ly help­ful to track down the prob­lem (the miss­ing stuff). The Verisign instruc­tions did not lead to a work­ing solu­tion either.

What was done before: the Verisign Inter­me­di­ate Cer­tifi­cates where import­ed as “Sign­er Cer­tifi­cates”, and the cer­tifi­cate for the web­serv­er was import­ed with­in “Per­son­al Cer­tifi­cates”. With­out the sign­er cer­tifi­cates the per­son­al cer­tifi­cate would not import due to an inter­me­di­ate cer­tifi­cat­ed miss­ing (no valid trust-chain).

What I did to resolve the problem:

  •  I removed all Verisign certificates.
  •  I added the Verisign Root Cer­tifi­cate and the Verisign Inter­me­di­ate Cer­tifi­cate A as a sign­er cer­tifi­cate (use the “Add” but­ton). I also tried to add the Verisign Inter­me­di­ate Cer­tifi­cate B, but it com­plained that some part of it was already there as part of the Inter­me­di­ate Cer­tifi­cate A. I skipped this part.
  •  Then I con­vert­ed the serv­er cer­tifi­cate and key to a PKS12 file via “openssl pkcs12 ‑export ‑in server-cert.arm ‑out cert-for-ihs.p12 ‑inkey server-key.arm ‑name name_for_cert_in_ihs”.
  • After that I import­ed the cert-for-ihs.p12 as a “Per­son­al Cer­tifi­cate”. The import dia­log offers 3 items to import. I select­ed the “name_for_cert_in_ihs” and the one con­tain­ing “cn=verisign class 3 pub­lic pri­ma­ry cer­ti­fi­ca­tion author­i­ty – g5” (when I select­ed the 3rd one too, it com­plained that a part of it was already import­ed with a dif­fer­ent name).

With this mod­i­fied key­store in place, I just had to select the cer­tifi­cate via “SSLServerCert name_for_cert_in_ihs” in the IHS con­fig and the prob­lem was fixed.

Share/Save