[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gnutls error

To: wl-en@ml.gentei.org
Subject: Re: gnutls error
From: Francesco Mazzoli <f@mazzo.li>
Date: Sun, 07 Oct 2012 22:44:53 +0100
In-reply-to: <87r4paqiwy.wl%dmaus__28799.3775368252$1349631799$gmane$org@ictsoc.de>
List-help: <mailto:wl-en-ctl@ml.gentei.org?body=help>
List-id: wl-en.ml.gentei.org
List-owner: <mailto:wl-en-admin@ml.gentei.org>
List-post: <mailto:wl-en@ml.gentei.org>
List-software: fml [fml 4.0 STABLE (20040215/4.0.4_BETA)]
List-unsubscribe: <mailto:wl-en-ctl@ml.gentei.org?body=unsubscribe>
References: <87a9w3ipap.wl%f@mazzo.li> <87391taoft.wl@gravicappa.localhost.localdomain> <87d30ufxmz.wl%f@mazzo.li> <87r4paqiwy.wl%dmaus__28799.3775368252$1349631799$gmane$org@ictsoc.de>
Reply-to: wl-en@ml.gentei.org
User-agent: Wanderlust/2.15.9 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Gojō) APEL/10.8 Emacs/23.4 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)

At Sun, 07 Oct 2012 19:41:17 +0200,
David Maus wrote:
> You could try to connect to the server on the command line and use
> GnuTLS with the `--verbose' option.
> 
> E.g.
> 
> gnutls-cli --verbose --port PORT --insecure --x509cafile /etc/ssl/certs/ca-certificates.crt HOST
> 
> And check the verbose program output.

Right, thanks for the suggestion.

What I get:

    $ gnutls-cli --verbose --port <port> --insecure --x509cafile /etc/ssl/certs/ca-certificates.crt <host>
    Processed 152 CA certificate(s).
    Resolving 'smtp.rabbitmq.com'...
    Connecting to '<host_address>'...
    |<1>| Note that the security level of the Diffie-Hellman key exchange has been lowered to 512 bits and this may allow decryption of the session data
    |<1>| Received record packet of unknown type 50
    *** Fatal error: An unexpected TLS packet was received.
    No certificates found!
    *** Handshake has failed
    GnuTLS error: An unexpected TLS packet was received.

Which is quite cryptic.

On the other hand, this

    openssl s_client -starttls smtp -crlf -connect <host>

succeeds.  So maybe openssl would work.  But I remember it not working for an
IMAP server...

--
Francesco * Often in error, never in doubt

Follow-Ups:
- Re: gnutls error
  - From: David Maus <dmaus@ictsoc.de>
- Re: gnutls error
  - From: "Herbert J. Skuhra" <hskuhra@eumx.net>

References:
- gnutls error
  - From: Francesco Mazzoli <f@mazzo.li>
- Re: gnutls error
  - From: Vitaly Mayatskikh <v.mayatskih@gmail.com>
- Re: gnutls error
  - From: Francesco Mazzoli <f@mazzo.li>

Prev by Date: Re: WL displays only header ... no MIME buttons or content (was: Forward: Opinion Today: The Deafness Before the Storm)
Next by Date: Re: gnutls error
Previous by thread: Re: gnutls error
Next by thread: Re: gnutls error
Index(es):
- Date
- Thread