You've probably tried this so feel free to ignore me...or call me silly :) Have you tried using the default standard certificate that is created when you install Imail, rather than your own one?
We use SSL on port 8384 (we force SSL access to webmail from the Internet) and it has always run perfectly. Chris -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Barker Sent: Sunday, 12 June 2005 9:19 PM To: [email protected] Subject: RE: [IMail Forum] What's the trick to SSL? Yes, it say "The Pass phrase entries are identical" and "Teh Key and Certificate exist". I reentered them anyway, bounced Web Messaging, and get a similar problem. They must have been identical, but wrong before. Now the symptom is different. So, I started over from the beginning. I Created a cert, I selected that cert, I cycled Web Messaging, and now I get (from Firefox, IE still says Server not found): "mail.visioncomm.net has received an incorrect or unexpected message. Error Code: -12227" Firefox Sniffer trace says: Me 4841>HTTPS SYN Mail HTTPS>4841 SYN,ACK Me 4841>HTTPS ACK Me SSLv2 Client Hello Mail SSLv3 Server Hello, Certificate, Certificate Request, Server Hello Done Me SSLv3 Encrypted Alert, Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message Mail SSLv3 Alert (21) Level: Fatal (2), Description: Handshake Failure (40) Different? Yes. Better? No. Interestingly, IE wants a CLIENT certificate, before failing to Handshake: Me 4890>HTTPS SYN Mail HTTPS>4890 SYN,ACK Me 4890>HTTPS ACK Me SSLv2 Client Hello Mail SSLv3 Server Hello, Certificate, Certificate Request, Server Hello Done Me 4890>HTTPS FIN,ACK Mail HTTPS>4890 ACK Mail HTTPS>4890 FIN 5 seconds go by as IE presents the "Choose a digital certificate" dialog. Me 4891>HTTPS SYN Mail HTTPS>4891 SYN,ACK Me 4891>HTTPS ACK Me SSLv2 Client Hello Mail SSLv3 Server Hello, Certificate, Certificate Request, Server Hello Done Me SSLv3 Encrypted Alert, Client Key Exchange, Certificate verify, change cipher Spec, Encrypted Handshake Message Mail SSLv3 Alert (21) Level: Fatal (2), Description: Bad Certificate (42) Does IMail require a Personal Certificate? Will that work with Firefox? Does that have anything to do with this problem? btw, this has not worked for me in many many releases. I believe I first tried SSL about 18 months ago. I just figured it was something that didn't work for anybody. Dan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Eric Shanbrom Sent: Sunday, June 12, 2005 12:34 AM To: [email protected] Subject: Re: [IMail Forum] What's the trick to SSL? In the SSL configuration utility in the IMail program group, when you selected the cert/key pair, did you re-enter the pass phrase? This needs to be done. eric S Dan Barker wrote: >I can find no such settings in IE 6 or Firefox. I'd expect a >different/better error message from Firefox if that was the issue, tho. > >Thanks, >Dan > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] Behalf Of Rod Dorman >Sent: Saturday, June 11, 2005 10:56 AM >To: [email protected] >Subject: Re: [IMail Forum] What's the trick to SSL? > > >On Saturday, June 11, 2005, 07:10:52, Dan Barker wrote: > > >>I'm running IMail 8.15, and I can't figure out how to make SSL work for >>Webmail. >> >>I ran the configuration utility and built a key-pair. The filenames are in >>the registry. I cycled the Web Messaging service. >> >>Internet Explorer says "Can't find server". >> >>Ethereal trace captures the traffic and the server IS responding, just not >>to IE's satisfaction. >> >> I see: >> ... [SNIP] ... >>Same result with Firefox, although with a meaningful message (Firefox >>and mail.kitepilot.net cannot communicate securely because they have >>no common encryption algorithms.) >> >> > >Browsers now-a-days often have the less secure (e.g. 40-bit keys) >methods disabled. Check and see if you have any that are disabled and if >so temporarily enable them to see if it starts working. > >-- >[EMAIL PROTECTED] "The avalanche has already started, it is too >Rod Dorman late for the pebbles to vote." - Ambassador Kosh > > >To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html >List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > >To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html >List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
