subject:"\[MDaemon\-L\] error Certificate"

[MDaemon-L] error certificate

2017-09-26 Terurut Topik Syafril Hermansyah

On 2017-09-26 18:20, Panji Agung wrote:
> kami menerima error berikut saat akan terima email
> 

> Tue 2017-09-26 16:58:40.970: 04: * SSL error 0x80090327 An unknown error 
> occurred while processing the certificate.


Ada error saat handshaking STARTTLS.

error 0x80090327 artinya SEC_E_CERT_UNKNOWN atau TLS1_ALERT_BAD_CERTIFICATE.

Apakah sudah update Windows OS?
Kalau belum maka di whitelist saja sender host seperti yahoo.com dulu.

https://www.mail-archive.com/mdaemon-l@dutaint.com/msg41639.html


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 17.5.0-64 Beta RC3, SP 5.1.0-64
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Apa yang Anda sukai pada diri org-2x lain pada umumnya juga adalah yang mereka
sukai pada diri Anda
--Lord Chesterfield, 1694-1773

-- 
--MDaemon-L--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 17.0.3, SP 5.1.0, OC 4.5.1, SG 4.5.1

[MDaemon-L] error certificate

2017-09-26 Terurut Topik Panji Agung

Hi pak Syafril

kami menerima error berikut saat akan terima email

Tue 2017-09-26 16:58:39.567: 05: Session 719235; child 0001
Tue 2017-09-26 16:58:39.567: 05: Accepting SMTP connection from
146.101.78.191:55056 to 10.77.209.13:25
Tue 2017-09-26 16:58:39.569: 03: --> 220 intangading.co.id ESMTP MDaemon
16.5.2; Tue, 26 Sep 2017 16:58:39 +0700
Tue 2017-09-26 16:58:40.158: 02: <-- EHLO eu-smtp-delivery-191.mimecast.com
Tue 2017-09-26 16:58:40.159: 03: --> 250-intangading.co.id Hello
eu-smtp-delivery-191.mimecast.com [146.101.78.191], pleased to meet you
Tue 2017-09-26 16:58:40.159: 03: --> 250-ETRN
Tue 2017-09-26 16:58:40.159: 03: --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Tue 2017-09-26 16:58:40.159: 03: --> 250-8BITMIME
Tue 2017-09-26 16:58:40.159: 03: --> 250-ENHANCEDSTATUSCODES
Tue 2017-09-26 16:58:40.159: 03: --> 250-STARTTLS
Tue 2017-09-26 16:58:40.159: 03: --> 250 SIZE 35875000
Tue 2017-09-26 16:58:40.425: 02: <-- STARTTLS
Tue 2017-09-26 16:58:40.425: 03: --> 220 2.7.0 Ready to start TLS
Tue 2017-09-26 16:58:40.970: 04: * SSL error 0x80090327 An unknown error
occurred while processing the certificate.
Tue 2017-09-26 16:58:40.970: 04: SMTP session terminated (Bytes in/out:
288/1613)

Mohon bantuanya pak

terima kasih

-- 
--MDaemon-L--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 17.0.3, SP 5.1.0, OC 4.5.1, SG 4.5.1

[MDaemon-L] error Certificate

2016-09-16 Terurut Topik Syafril Hermansyah

On 16/09/16 15:48, Yarohim wrote:
> ada error ketika koneksi ke dip33

> Fri 2016-09-16 15:39:20.759: 01: [332873] SSL negotiation successful
> (TLS 1.2, 384 bit key exchange, 256 bit AES encryption)
> Fri 2016-09-16 15:39:20.760: 01: [332873] SSL certificate is not valid
> (does not match dip33.dutaint.com  and/or is
> not signed by recognized CA)
> 
> berikut error lognya
> apakah ini wajar ?

Ya, itu wajar kalau pakai SSL Self Sign Certificate.

> atau ada yang harus di set

Tidak perlu, itu bukan fatal error dan transaksi berjalan terus sampai
selesai.

Itu fitur baru di MD 16.5 yang kami pakai, dalam rangka penyiapan
dukungan terhadap Protocol STS (Strict Transport Security) yang baru.

http://files.altn.com/mdaemon/release/relnotes_en.html

CHANGES AND NEW FEATURES

[16884] MDaemon's SMTP and POP clients now validate SSL certificates
presented to them by remote hosts. However, no action other than a line
added to the log is taken at this time pending further work in the IETF
regarding the various competing STS-like proposals. So for now you will
only see a line in the log indicating whether the remote host's name is
a match for the certificate it presents (or not) and whether that
certificate chains to a valid certificate authority recognized by
Windows (or not). Don't panic if you see a lot of "invalid" SSL
certificates presented. Such certificates are perfectly fine for
encrypting data transmission. They are "invalid" because they are either
self-signed or do not match the host name expected (or both). In such
cases you can be sure encryption is happening. Various weaknesses in TLS
(of which its opportunistic nature and acceptance of nearly all
certificates are major examples) are being worked on by industry experts
and will make their way into products and services once that work has
completed.

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 16.5-64, SP 5.0.1-64
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Pendidikan yg sebetulnya adalah menarik yg terbaik dari diri Anda sendiri
-- Mohandas Gandhi

-- 
--MDaemon-L--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 16.5.0, SP 5.0.1, OC 4.0, SG 4.0.1

[MDaemon-L] error Certificate

2016-09-16 Terurut Topik Yarohim

Dear Pak Syafril
ada error ketika koneksi ke dip33
Fri 2016-09-16 15:39:20.759: 01: [332873] SSL negotiation successful (TLS
1.2, 384 bit key exchange, 256 bit AES encryption)
Fri 2016-09-16 15:39:20.760: 01: [332873] SSL certificate is not valid
(does not match dip33.dutaint.com and/or is not signed by recognized CA)

berikut error lognya
apakah ini wajar ?
atau ada yang harus di set

Fri 2016-09-16 15:39:20.445: 05: [332873] Attempting Mail Release
connection to dip33.dutaint.com
Fri 2016-09-16 15:39:20.445: 05: [332873] *  dip33.dutaint.com found in
internal  lookup black-list
Fri 2016-09-16 15:39:20.445: 05: [332873] Resolving A record for
dip33.dutaint.com (DNS Server: 202.92.202.92)...
Fri 2016-09-16 15:39:20.447: 05: [332873] *  D=dip33.dutaint.com TTL=(1161)
A=[103.253.112.239]
Fri 2016-09-16 15:39:20.447: 05: [332873] Attempting Mail Release
connection to 103.253.112.239:366
Fri 2016-09-16 15:39:20.448: 05: [332873] Waiting for socket connection...
Fri 2016-09-16 15:39:20.450: 05: [332873] *  Connection established
192.168.10.254:50541 --> 103.253.112.239:366
Fri 2016-09-16 15:39:20.450: 05: [332873] Dequeue host  : 103.253.112.239
Fri 2016-09-16 15:39:20.450: 05: [332873] Dequeue port  : 366
Fri 2016-09-16 15:39:20.450: 05: [332873] Dequeue string: ATRN pttms.co.id
Fri 2016-09-16 15:39:20.450: 05: [332873] Waiting for protocol to start...
Fri 2016-09-16 15:39:20.459: 02: [332873] <-- 220 dip33.dutaint.com ESMTP
MDaemon 16.5.0; Fri, 16 Sep 2016 15:39:50 +0700
Fri 2016-09-16 15:39:20.459: 03: [332873] --> EHLO pttms.co.id
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-dip33.dutaint.com Hello
pttms.co.id [202.92.200.25], pleased to meet you
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-ETRN
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-AUTH LOGIN CRAM-MD5 PLAIN
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-8BITMIME
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-ENHANCEDSTATUSCODES
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-STARTTLS
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250-ATRN
Fri 2016-09-16 15:39:20.462: 02: [332873] <-- 250 SIZE 3072
Fri 2016-09-16 15:39:20.462: 03: [332873] --> STARTTLS
Fri 2016-09-16 15:39:20.464: 02: [332873] <-- 220 2.7.0 Ready to start TLS
*Fri 2016-09-16 15:39:20.759: 01: [332873] SSL negotiation successful (TLS
1.2, 384 bit key exchange, 256 bit AES encryption)*
*Fri 2016-09-16 15:39:20.760: 01: [332873] SSL certificate is not valid
(does not match dip33.dutaint.com  and/or is not
signed by recognized CA)*
Fri 2016-09-16 15:39:20.760: 03: [332873] --> EHLO pttms.co.id
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250-dip33.dutaint.com Hello
pttms.co.id [202.92.200.25], pleased to meet you
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250-ETRN
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250-AUTH LOGIN CRAM-MD5 PLAIN
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250-8BITMIME
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250-ENHANCEDSTATUSCODES
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250-ATRN
Fri 2016-09-16 15:39:20.764: 02: [332873] <-- 250 SIZE 3072
Fri 2016-09-16 15:39:20.764: 03: [332873] --> AUTH CRAM-MD5
Fri 2016-09-16 15:39:20.766: 02: [332873] <-- 334
PE1EQUVNT04tRjIwMTYwOTE2MTUzOS5BQTM5NTEzMDBNRDk2MDVAZGlwMzMuZHV0YWludC5jb20+
Fri 2016-09-16 15:39:20.766: 03: [332873] --> **
Fri 2016-09-16 15:39:20.769: 02: [332873] <-- 235 2.7.0 Authentication
successful
Fri 2016-09-16 15:39:20.769: 01: [332873] Sending dequeue string now
Fri 2016-09-16 15:39:20.769: 03: [332873] --> ATRN pttms.co.id
Fri 2016-09-16 15:39:20.773: 02: [332873] <-- 250 2.2.0 8 messages for
domain pttms.co.id ready
Fri 2016-09-16 15:39:20.775: 01: [332873] Dequeue session completed (Bytes
in/out: 665/448)
Fri 2016-09-16 15:39:20.775: 01: --


thanks
Rohim

-- 
--MDaemon-L--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 16.5.0, SP 5.0.1, OC 4.0, SG 4.0.1

[MDaemon-L] error certificate

[MDaemon-L] error certificate

[MDaemon-L] error Certificate

[MDaemon-L] error Certificate

4 matches

Site Navigation

Mail list logo

Footer information