Yes, it say "The Pass phrase entries are identical" and "Teh Key and
Certificate exist". I reentered them anyway, bounced Web Messaging, and get
a similar problem. They must have been identical, but wrong before. Now the
symptom is different.
So, I started over from the beginning. I Created a cert, I selected that
cert, I cycled Web Messaging, and now I get (from Firefox, IE still says
Server not found):
"mail.visioncomm.net has received an incorrect or unexpected message. Error
Code: -12227"
Firefox Sniffer trace says:
Me 4841>HTTPS SYN
Mail HTTPS>4841 SYN,ACK
Me 4841>HTTPS ACK
Me SSLv2 Client Hello
Mail SSLv3 Server Hello, Certificate, Certificate Request, Server Hello
Done
Me SSLv3 Encrypted Alert, Client Key Exchange, Change Cipher Spec,
Encrypted Handshake Message
Mail SSLv3 Alert (21) Level: Fatal (2), Description: Handshake Failure
(40)
Different? Yes. Better? No.
Interestingly, IE wants a CLIENT certificate, before failing to Handshake:
Me 4890>HTTPS SYN
Mail HTTPS>4890 SYN,ACK
Me 4890>HTTPS ACK
Me SSLv2 Client Hello
Mail SSLv3 Server Hello, Certificate, Certificate Request, Server Hello
Done
Me 4890>HTTPS FIN,ACK
Mail HTTPS>4890 ACK
Mail HTTPS>4890 FIN
5 seconds go by as IE presents the "Choose a digital certificate" dialog.
Me 4891>HTTPS SYN
Mail HTTPS>4891 SYN,ACK
Me 4891>HTTPS ACK
Me SSLv2 Client Hello
Mail SSLv3 Server Hello, Certificate, Certificate Request, Server Hello
Done
Me SSLv3 Encrypted Alert, Client Key Exchange, Certificate verify,
change cipher Spec, Encrypted Handshake Message
Mail SSLv3 Alert (21) Level: Fatal (2), Description: Bad Certificate
(42)
Does IMail require a Personal Certificate? Will that work with Firefox? Does
that have anything to do with this problem?
btw, this has not worked for me in many many releases. I believe I first
tried SSL about 18 months ago. I just figured it was something that didn't
work for anybody.
Dan
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Eric Shanbrom
Sent: Sunday, June 12, 2005 12:34 AM
To: [email protected]
Subject: Re: [IMail Forum] What's the trick to SSL?
In the SSL configuration utility in the IMail program group, when you
selected the cert/key pair, did you re-enter the pass phrase? This needs
to be done.
eric S
Dan Barker wrote:
I can find no such settings in IE 6 or Firefox. I'd expect a
different/better error message from Firefox if that was the issue, tho.
Thanks,
Dan
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Rod Dorman
Sent: Saturday, June 11, 2005 10:56 AM
To: [email protected]
Subject: Re: [IMail Forum] What's the trick to SSL?
On Saturday, June 11, 2005, 07:10:52, Dan Barker wrote:
I'm running IMail 8.15, and I can't figure out how to make SSL work for
Webmail.
I ran the configuration utility and built a key-pair. The filenames are in
the registry. I cycled the Web Messaging service.
Internet Explorer says "Can't find server".
Ethereal trace captures the traffic and the server IS responding, just not
to IE's satisfaction.
I see:
... [SNIP] ...
Same result with Firefox, although with a meaningful message (Firefox
and mail.kitepilot.net cannot communicate securely because they have
no common encryption algorithms.)
Browsers now-a-days often have the less secure (e.g. 40-bit keys)
methods disabled. Check and see if you have any that are disabled and if
so temporarily enable them to see if it starts working.
--
[EMAIL PROTECTED] "The avalanche has already started, it is too
Rod Dorman late for the pebbles to vote." – Ambassador Kosh
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
