Re: TLS Handshake and Certificate problems (Gmail)
Hello Assad, On Sun, 12 Apr 2020 13:25:24 +0400 GMT (12-Apr-20, 16:25 +0700 GMT), Assad Baroot wrote: >>> Maxim wrote this in the list of changes in version 9.1.10: >>> >>> [-] The Bat! did require "Key Encipherment" or "Key Agreement" in >>> "Key Usage" certificate attribute for TLS even if the certificate >>> was only used to sign ephemeral keys to provide perfect forward >>> secrecy. If a server only supports perfect forward secrecy TLS >>> cipher suites, the certificate used by this server may have no >>> "Key Encipherment" or "Key Agreement" in the "Key Usage" >>> attribute. M>> I wish I could understand what all that means, sounds "like Chinese" M>> to me. > I don't understand either but since this version, I no longer get > the TLS error. I suppose Maxim wanted to say he fixed the > certificate problem. Not working in this version. Since it is not avast (MAU and Avrim confirmed that they don't use it), I have opened open a bug report: https://bt.ritlabs.com/view.php?id=1989 -- Cheers, Thomas. Message reply created with The Bat! Version 9.1.12.1 (BETA) (64-bit) under Windows 10.0 Build 18362 Current version is 8.0.18 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: TLS Handshake and Certificate problems
I am coming late to this "party," having been offline since April 8. I use The Bat for 18 e-mail accounts: 5 private domains, a dormant Yahoo account, and 12 Gmail accounts. Beginning April 7 I have been unable to send mail from any of the Gmail accounts. The error message is "The server has aborted the connection." and, like everyone else, the log file shows "TLS handshake failure. Invalid server certificate (The certificate cannot be used for this purpose." I have never used Avast. I use Bitdefender and have done so for nearly 6 years and I use The Bat ver. 7.4.16. Not version 8 and not version 9. My wife has a separate installation of The Bat on her computer (ver 5.8.8), with the same 12 Gmail accounts.Curiously, she doesn't seem to have any problem sending e-mail from at least two of the 12 Gmail accounts. We haven't checked the other 10 accounts.Because I access this forum from a gmail account, I am only able to send this e-mail because I have accessed my gmail account online. Reading through this thread it appears that a definitive solution has yet to be found and it seems that updating to the latest version has its own problems.Maxim may have fixed the problem for ver 9.1.10, but it sounds like ver 9 has other problems. So, can this problem be fixed from those of us with earlier versions? I would not object to upgrading to ver 9, but it seems that there are other problems with ver. 9. Should I revert to ver. 5.8.8? -- Avi Avram Sacks, using The Bat! Pro ver. 7.1.18 on Win 7 Pro Current version is 8.0.18 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: TLS Handshake and Certificate problems
Hello Thomas, > What antivirus software do you use? I don't use any antivirus plug-in specific for TB. As a general purpose one I use ESET-NOD32 -- Best regards, Miguel A. Urech (Els Poblets (Alicante) - Spain) Using The Bat! v9.1.12.1 (BETA) Current version is 8.0.18 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re:TLS Handshake and Certificate problems
Hello MAU, On Sunday, 12 April 2020, Mau wrote and made these points on the subject of "TLS Handshake and Certificate problems": M> Hello Assad, >> Maxim wrote this in the list of changes in version 9.1.10: >> >> [-] The Bat! did require "Key Encipherment" or "Key Agreement" in >> "Key Usage" certificate attribute for TLS even if the certificate >> was only used to sign ephemeral keys to provide perfect forward >> secrecy. If a server only supports perfect forward secrecy TLS >> cipher suites, the certificate used by this server may have no >> "Key Encipherment" or "Key Agreement" in the "Key Usage" >> attribute. M> I wish I could understand what all that means, sounds "like Chinese" M> to me. I don't understand either but since this version, I no longer get the TLS error. I suppose Maxim wanted to say he fixed the certificate problem. -- Best regards, Assad Using The Bat! Version 9.1.12 (64-bit) under Windows 10.0 Build 18363 Processor: AMD Ryzen 7 3700X | Installed Physical Memory: 16.0 GB Current version is 8.0.18 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: TLS Handshake and Certificate problems
Hello Assad, > Maxim wrote this in the list of changes in version 9.1.10: > > [-] The Bat! did require "Key Encipherment" or "Key Agreement" in > "Key Usage" certificate attribute for TLS even if the certificate > was only used to sign ephemeral keys to provide perfect forward > secrecy. If a server only supports perfect forward secrecy TLS > cipher suites, the certificate used by this server may have no > "Key Encipherment" or "Key Agreement" in the "Key Usage" > attribute. I wish I could understand what all that means, sounds "like Chinese" to me. -- Best regards, Miguel A. Urech (Els Poblets (Alicante) - Spain) Using The Bat! v9.1.12.1 (BETA) Current version is 8.0.18 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
