You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Marc Chamberlin <ma...@marcchamberlin.com> on 2014/03/18 06:36:03 UTC
openssl connection problems
Hi - I am trying to test the TLS/SSL connection for my James 2.3.2
server. When using Thunderbird as a client and connecting via TLS/SSL
protocol I don't have any problems sending/receiving email. I am pretty
sure that I have set up my private (self-signed) certificate OK as this
has been working for a long time. I wanted to use TLS/SSL for access to
the RemoteManager and discovered that I cannot test/use openssl? This is
what I am seeing when I try connecting on any of the ports for the POP3,
SMTP or the RemoteManager -
openssl s_client -quiet -connect mydomain.com:portnum
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate
Signing, CN = StartCom Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
140032197080744:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert
internal error:s3_pkt.c:1256:SSL alert number 80
140032197080744:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:177:
Internal Error??? This does NOT look very healthy and implies sick
code... Anyone got any ideas on how to fix this?
As always, thanks in advance for any offers of help... Marc...
--
"The Truth is out there" - Spooky
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: openssl connection problems - Solved
Posted by Marc Chamberlin <ma...@marcchamberlin.com>.
On 03/17/2014 10:36 PM, Marc Chamberlin wrote:
> Hi - I am trying to test the TLS/SSL connection for my James 2.3.2
> server. When using Thunderbird as a client and connecting via TLS/SSL
> protocol I don't have any problems sending/receiving email. I am
> pretty sure that I have set up my private (self-signed) certificate OK
> as this has been working for a long time. I wanted to use TLS/SSL for
> access to the RemoteManager and discovered that I cannot test/use
> openssl? This is what I am seeing when I try connecting on any of the
> ports for the POP3, SMTP or the RemoteManager -
>
> openssl s_client -quiet -connect mydomain.com:portnum
> depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate
> Signing, CN = StartCom Certification Authority
> verify error:num=19:self signed certificate in certificate chain
> verify return:0
> 140032197080744:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1
> alert internal error:s3_pkt.c:1256:SSL alert number 80
> 140032197080744:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
> failure:s23_lib.c:177:
>
> Internal Error??? This does NOT look very healthy and implies sick
> code... Anyone got any ideas on how to fix this?
>
> As always, thanks in advance for any offers of help... Marc...
>
Turns out I had upgraded my openJDK to version 1.7 and there is a jar
file - sunjce_provider.jar file than needs to be copied in to the lib
directory of James. This is obscurely documented in the config.xml file
where it is easily overlooked. It would be far better to also mention
this on the web page at http://james.apache.org/server/2/usingTLS.html
which is the instructions that I was following to enable TLS/SSL
connections.
Marc...
--
"The Truth is out there" - Spooky
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org