When you set up the TLS encryption of a web or also of an IMAP server like Dovecot it is sometimes handy to test the encryption on command line level, to see what really happens there. A good tool to do just that is
# openssl s_client -crlf -connect www.example.net:993 depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready.
Afterwards, if you want to for example try an IMAP login, the command is as follows:
A login user password A OK User logged in A OK [CAPABILITY IMAP4rev1 ... A status INBOX (messages) * STATUS INBOX (MESSAGES 0) A OK Status completed. C logout * BYE Logging out C OK Logout completed. closed
At the same time, if you want to test HTTPS encryption:
$ openssl s_client -crlf -connect www.example.net:443 CONNECTED(00000003) [...] --- GET / HTTP/1.0 HTTP/1.1 302 Found [...]