today haved a issues with the conection in my mailserver, when I try to login can't access.
The error says:
IMAP Error: Login failed for user#myserver.com against host.myserver.com from IP_ADDRESS. Could not
connect to ssl://host.myserver.com:993: Unknown reason in
../lib/Roundcube/rcube_imap.php on line 200 (POST /webmail/?_task=login&_action=login)
When Try to check my ssl certificate with this command, received this response:
openssl s_client -connect xxxxxx.xxxx:993
140150541821056:error:0200206E:system library:connect:Connection timed out:../crypto/bio/b_sock2.c:110:
140150541821056:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111:
connect:errno=110
I'm not sure for what happened this. I created the certificate and actually I access to my web behind this domain.
Can you help me with this? Thanks a lot of!!!
Related
Hi im trying to config a HTTPS loadbalancer in GCP but when i made it
show me that:
Error: write EPROTO 140392502987240:error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE:../../third_party/boringssl/src/ssl/tls_record.cc:594:SSL alert number 40 140392502987240:error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO:../../third_party/boringssl/src/ssl/handshake.cc:604:
I use GCP default as default politic ssl
And the certificate is valid:
My frontends
But is still not working, i dont know what other thing do.
SSL proxy load balancers and global external HTTP(S) load balancers do not support SSL versions 3.0(SSLV3) or earlier. So, try to use a newer and more secure version to call the HTTPS Load balancer. Check whether the certificate is valid and linked properly with the page.
EDIT:
SSL fatal error, handshake failure 40 indicates the secure connection failed to establish because the client and the server couldn't agree on connection settings. Usually because the client or the server is way too old, only supporting removed protocols/ciphers. Try adding the domain name of the server to connect and a TLS connection will be established.
Example:
$ openssl s_client -connect 104.26.3.5:443 -servername external.example.com
I am disabling certificate verification using the following command:
getsessionkey = requests.post(AUTH_URL, headers=headers, data=data, verify=False)
I use above command in a script that calls an API to retrieve data from it. When I run my script, I have the following error:
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)
I understand from that error that the script could not verify the distant's API certificate. But I am explicitely disabling the verification, I am at loss as to how to interpret this.
If the problem cannot be resolved, how can I add my certificate to the certificate truststore?
P.S: Disabling certificate verification has always worked for me so far. I started to have the error above since a recent security update.
Thanks for helping.
I have created the process that uses sent-mail palette in Tibco BW.
I have downloaded the certificates for gmail using s_client -showcerts -connect smtp.gmail.com:587 -starttls smtp
and configure the certificates in sent mail palette
I am getting Error-
BW-MAIL-100019 Job-178001 Error in [Process/BloodRequest.process/Send
Mail] Error sending mail message. Cause:
javax.mail.MessagingException: Could not convert socket to TLS; nested
exception is: iaik.security.ssl.SSLException: Server certificate
rejected by ChainVerifier
Does anyone have an idea about a Certificate Error in Tibco BW?
Looks like you have some root certificates missing.
I suspect that you trying to replace certificates in example project https://support.tibco.com/s/article/Tibco-KnowledgeArticle-Article-37939 that have outdated certificates.
instead of
openssl s_client -showcerts -connect smtp.gmail.com:587 -starttls smtp
you can find/download google certificates from google web site https://pki.goog/.
First certificate from the list https://pki.goog/gtsr1/GTSR1.crt works for me.
Please note that after fixing certificates I got following error:
BW-MAIL-100019 Job-34000 Error in [Mail/SendMail.process/Send Mail]
Error sending mail message. Cause: javax.mail.AuthenticationFailedException: 535-5.7.8 Username and Password not accepted. Learn more at
535 5.7.8 https://support.google.com/mail/?p=BadCredentials y23sm10913598iob.28 - gsmtp
I was able to sent email only after setting "Allow less secure apps: ON"
https://myaccount.google.com/u/3/lesssecureapps?pli=1 in Google account settings
just in case here are other possible reasons for javax.mail.AuthenticationFailedException :
JavaMail with Gmail: 535-5.7.1 Username and Password not accepted
I am building an ecommerce website on a local Windows 7 pro (Apache/php) test server with a self-signed SSL. I have the mydomain.com in the hosts file redirecting to localhost - so far so good.
When I try to use the email function of the ecommerce software via Gmail smtp, I am getting an SSL error:
[23-Apr-2018 03:00:06 America/New_York] Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed [C:\Apache24\htdocs\includes\classes\vendors\PHPMailer\class.smtp.php line 379]
[23-Apr-2018 03:00:06 America/New_York] SMTP Error: Could not connect to SMTP host.
[23-Apr-2018 03:00:06 America/New_York] CLIENT -> SERVER: QUIT
I thought about just getting a cheap CA SSL and installing it on the server but I'm not sure this will work, since the Gmail smtp server is obviously not using my hosts file. This is just a guess at this point.
Question I'd like answered is, 1, will installing CA cert resolve the issue, and 2. if not, what is your strategy to have a functional email on a test server with domain in hosts file?
Thank you,
David
I added the following to the function responsible for smtp connection. Warning, only to be used on completely secure environment, your own test server, never on a live server.
$options["ssl"]=array("verify_peer"=>false,"verify_peer_name"=>false,"allow_self_signed"=>true);
When I used set doc=db.GetDocumentByURL(url,1,1,,,,,False) to get a page/file under http, it returned the web page/file successfully as a Notes document.
But when I used set doc=db.GetDocumentByURL(url,1,1,username,password,,,False) to get an ssl page/file under https, where url is like "https://docs.google.com/document/d/xxxxoooo/edit", it failed and the remote console showed the error messages:
SSL Error: Keyring File access error
Connection interrupted: SSL Error: Bad or missing remote certificate
Can't db.GetDocumentByURL() access an ssl page/file? What should I do?
Assuming you are using Windows - make sure that IE can open the page. I've seen this problem in case the server's SSL certificate was self-signed and installing it in IE solved the problem.