|

»

IMAP over SSL error

View: New views

3 Messages — Rating Filter: Alert me

	IMAP over SSL error by Ildar Mulyukov :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi! I get balsa complaining: OpenSSL error in imap_setup_ssl(): 14071:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284: End of print_errors while connecting with imapS with Lotus Domino 8. rpm -qR balsa \| grep ssl libssl.so.7 WBR, -- Ildar Mulyukov, free SW designer/programmer/packager ========================================= email: ildar@... Jabber: ildar@... ICQ: 4334029 ALT Linux Sisyphus http://www.sisyphus.ru ========================================= _______________________________________________ balsa-list mailing list balsa-list@... http://mail.gnome.org/mailman/listinfo/balsa-list
	Re: IMAP over SSL error by Pawel Salek-4 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On 09/03/2009 06:24:21 PM, Ildar Mulyukov wrote: > Hi! > > I get balsa complaining: > OpenSSL error in imap_setup_ssl(): > 14071:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version > number:s3_pkt.c:284: > > End of print_errors > while connecting with imapS with Lotus Domino 8. > > rpm -qR balsa \| grep ssl > libssl.so.7 It may be that lotus does not support the same encryption methods as balsa. Can you please try the following commands and report the result (success/failure)? openssl s_client -connect imaphost:993 -ssl3 -crlf openssl s_client -connect imaphost:993 -ssl2 -crlf openssl s_client -connect imaphost:993 -tls1 -crlf (if it connects without error, just type ". LOGOUT" and press enter). Balsa currently allows only TLSv1. We used to allow SSLv3 but it did not work well with all servers (see libbalsa/imap/imap-tls.c:imap_create_ssl). We should not allow SSLv2 since it has fundamental design problems. Pawel _______________________________________________ balsa-list mailing list balsa-list@... http://mail.gnome.org/mailman/listinfo/balsa-list
	Re: IMAP over SSL error by Ildar Mulyukov :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On 03.09.2009 22:06:32, Pawel Salek wrote: >> OpenSSL error in imap_setup_ssl(): >> 14071:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version >> number:s3_pkt.c:284: > It may be that lotus does not support the same encryption methods as > balsa. Can you please try the following commands and report the > result (success/failure)? > > openssl s_client -connect imaphost:993 -ssl3 -crlf ... New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA ... * OK Domino IMAP4 Server Release 8.0 ready Fri, 4 Sep 2009 00:01:59 +0600 > openssl s_client -connect imaphost:993 -ssl2 -crlf works > openssl s_client -connect imaphost:993 -tls1 -crlf CONNECTED(00000003) 12575:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284: > Balsa currently allows only TLSv1. We used to allow SSLv3 but it did > not work well with all servers (see > libbalsa/imap/imap-tls.c:imap_create_ssl). We should not allow SSLv2 > since it has fundamental design problems. Might be reasonable to have a switch TLS1/SSL3. Or, alternatively, if TLS fails, try again with SSL3. Should I open a bug for it? Thanks. -- Ildar Mulyukov, free SW designer/programmer/packager ========================================= email: ildar@... Jabber: ildar@... ICQ: 4334029 ALT Linux Sisyphus http://www.sisyphus.ru ========================================= _______________________________________________ balsa-list mailing list balsa-list@... http://mail.gnome.org/mailman/listinfo/balsa-list