[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gnutls error
At Sun, 07 Oct 2012 19:41:17 +0200,
David Maus wrote:
> You could try to connect to the server on the command line and use
> GnuTLS with the `--verbose' option.
>
> E.g.
>
> gnutls-cli --verbose --port PORT --insecure --x509cafile /etc/ssl/certs/ca-certificates.crt HOST
>
> And check the verbose program output.
Right, thanks for the suggestion.
What I get:
$ gnutls-cli --verbose --port <port> --insecure --x509cafile /etc/ssl/certs/ca-certificates.crt <host>
Processed 152 CA certificate(s).
Resolving 'smtp.rabbitmq.com'...
Connecting to '<host_address>'...
|<1>| Note that the security level of the Diffie-Hellman key exchange has been lowered to 512 bits and this may allow decryption of the session data
|<1>| Received record packet of unknown type 50
*** Fatal error: An unexpected TLS packet was received.
No certificates found!
*** Handshake has failed
GnuTLS error: An unexpected TLS packet was received.
Which is quite cryptic.
On the other hand, this
openssl s_client -starttls smtp -crlf -connect <host>
succeeds. So maybe openssl would work. But I remember it not working for an
IMAP server...
--
Francesco * Often in error, never in doubt