Re: GMail certificate not being 'sent' or something
Hi z5worg and list, On Wednesday, September 14, 2005 at 22:52:30 GMT -0400 (which was 04:52 where I live) [EMAIL PROTECTED] wrote (at least in parts) and made these valuable points on the subject of GMail certificate not being 'sent' or something: Does Secure connection for email requires that it be offered by the ISP? It does. Or one can simply configure and use the secure connection -- independent of the ISP? You can't as the mail server does not know anything about secure (crypted) connections unless it's configured to use those. Same question for POP3. Same answer :-) -- Regards Michael powered by The BAT! 3.61.04 beta, , and MyMacros 1.11a with usual problems of Windows 2000 Pro 5.0 Build 2195 Service Pack 4 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: GMail certificate not being 'sent' or something
Hi Stuart and list, On Monday, September 12, 2005 at 15:46:22 GMT -0500 (which was 22:46 where I live) Stuart Cuddy wrote (at least in parts) and made these valuable points on the subject of GMail certificate not being 'sent' or something: Could someone explain why it is necessary to have a certificate for this. Hmm - dunno exactly, but some time ago same thing happened to me. After an update I lost all Thawte Root Certificates from my adressbook Trusted Roots. Getting rid of my old TB! installation and installing anew from last official version brought them all back again. With S/MIME certificates there is a certification path which is followed by TB! when verifying the actual certificate. If one (intermediate or root) certificate is missing in the chain, TB! will complain (and with TLS not accept the connection). Usually the root certificates are supplied by Ritlabs and installed when you install TB! on your machine. Why they get lost some times? I have no clue at all. -- Regards Michael powered by The BAT! 3.61.03 beta, Bayes Filter Plugin v2.0.4, and MyMacros 1.11a with usual problems of Windows 2000 Pro 5.0 Build 2195 Service Pack 4 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: GMail certificate not being 'sent' or something
Hello Michael, A reminder of what Michael Geyer typed on: Tuesday, September 13, 2005 at 11:12:28 GMT +0200 MG With S/MIME certificates there is a certification path which is MG followed by TB! when verifying the actual certificate. So this is strictly S/MIME related. I do not use any sort of encryption so I guess this is why it is not an issue for me. -- Best regards, Stuartmailto:[EMAIL PROTECTED] Using The Bat! v3.61.03 beta On Windows XP 5.1 Build #2600 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: GMail certificate not being 'sent' or something
Hi Stuart and list, On Tuesday, September 13, 2005 at 07:28:58 GMT -0500 (which was 14:28 where I live) Stuart Cuddy wrote (at least in parts) and made these valuable points on the subject of GMail certificate not being 'sent' or something: MG With S/MIME certificates there is a certification path which is MG followed by TB! when verifying the actual certificate. So this is strictly S/MIME related. As opposed to PGP: yes. But as you can see from Marten's problem and my similar experience this kind of certification is used with TLS (SSL) transport-encryption too. (X-509 certificate comes to mind, but I'm _not_ an expert regarding encryption by any means). I do not use any sort of encryption so I guess this is why it is not an issue for me. Yep. Just keep in mind that a secure connection (like G-mail) _is_ encrypted. -- Regards Michael powered by The BAT! 3.61.04 beta, and MyMacros 1.11a with usual problems of Windows 2000 Pro 5.0 Build 2195 Service Pack 4 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[4]: GMail certificate not being 'sent' or something
Monday, September 12, 2005, Michael Acklin [EMAIL PROTECTED] wrote: . Make sure you have the following set up: Send Mail: Server: smtp.gmail.com Authentication: SMTP Authentication Checked Specific Settings: User Name and Password Connection: Secure to Regular Port (STARTTLS)* Port: 587 Does Secure connection for email requires that it be offered by the ISP? Or one can simply configure and use the secure connection -- independent of the ISP? Receive Mail: Server: pop.gmail.com Authentication: Regular User: Password: Connection: Secure to Dedicated Port {TLS)* Port: 995 Same question for POP3. -- Thanks in advance Using The Bat! 2.12.04 Under Windows 98 4.10 Build A Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
GMail certificate not being 'sent' or something
My GMail account log says this: 12/09/2005, 15:25:24: FETCH - receiving mail messages 12/09/2005, 15:25:25: FETCH - Initiating TLS handshake 12/09/2005, 15:25:25: FETCH - Certificate S/N: 20B9F9, algorithm: RSA (1024 bits), issued from 13 Dec 2004 to 13 Dec 2005, for 1 host(s): pop.gmail.com. 12/09/2005, 15:25:25: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. 12/09/2005, 15:25:25: FETCH - Issuer: ZA, Western Cape, Cape Town, Thawte Consulting cc, Certification Services Division, Thawte Server CA, [EMAIL PROTECTED] !12/09/2005, 15:25:25: FETCH - TLS handshake failure. Invalid server certificate (The issuer of this certificate chain was not found). When ever I do a Send and Receive for the account using POP with all the right settings in 'Transport' I still get this. Anyone any ieas as to how to cure this? -- Marten Gallagher Annery Kiln Web Design www.annerykiln.co.uk Using The Bat! 3.5.25 with POPFile 0.22.1 on Windows XP 5.1 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: GMail certificate not being 'sent' or something
Hello admin, Monday, September 12, 2005, 9:30:36 AM, you wrote: Anyone any ieas as to how to cure this? Sorry, I can't think of anything that would cause this. I just looked at my log and here's what it said: 9/12/2005, 09:29:02: FETCH - receiving mail messages 9/12/2005, 09:29:05: FETCH - Initiating TLS handshake 9/12/2005, 09:29:06: FETCH - Certificate S/N: 20B9F9, algorithm: RSA (1024 bits), issued from 13 Dec 2004 to 13 Dec 2005, for 1 host(s): pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Issuer: ZA, Western Cape, Cape Town, Thawte Consulting cc, Certification Services Division, Thawte Server CA, [EMAIL PROTECTED] 9/12/2005, 09:29:06: FETCH - TLS handshake complete 9/12/2005, 09:29:06: FETCH - connected to POP3 server 9/12/2005, 09:29:08: FETCH - authenticated (plain) 9/12/2005, 09:29:08: FETCH - 0 messages in the mailbox, 0 new 9/12/2005, 09:29:09: FETCH - connection finished - 0 messages received Looks identical to yours except the TLS Handshake failing. Again, sorry I can't help out further... -- Best regards, Michaelmailto:[EMAIL PROTECTED] Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: GMail certificate not being 'sent' or something
Hello admin, Monday, September 12, 2005, 9:30:36 AM, you wrote: Anyone any ieas as to how to cure this? Sorry, I can't think of anything that would cause this. I just looked at my log and here's what it said: 9/12/2005, 09:29:02: FETCH - receiving mail messages 9/12/2005, 09:29:05: FETCH - Initiating TLS handshake 9/12/2005, 09:29:06: FETCH - Certificate S/N: 20B9F9, algorithm: RSA (1024 bits), issued from 13 Dec 2004 to 13 Dec 2005, for 1 host(s): pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Issuer: ZA, Western Cape, Cape Town, Thawte Consulting cc, Certification Services Division, Thawte Server CA, [EMAIL PROTECTED] 9/12/2005, 09:29:06: FETCH - TLS handshake complete 9/12/2005, 09:29:06: FETCH - connected to POP3 server 9/12/2005, 09:29:08: FETCH - authenticated (plain) 9/12/2005, 09:29:08: FETCH - 0 messages in the mailbox, 0 new 9/12/2005, 09:29:09: FETCH - connection finished - 0 messages received Looks identical to yours except the TLS Handshake failing. Again, sorry I can't help out further... Hmmm... When you have a moment could yout ell me exactly how you've got the SMTP and POP authorisation settings done in 'TRansport' for that Account? -- Marten Gallagher Annery Kiln Web Design www.annerykiln.co.uk Using The Bat! 3.5.25 with POPFile 0.22.1 on Windows XP 5.1 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: GMail certificate not being 'sent' or something
Hello admin, Monday, September 12, 2005, 9:30:36 AM, you wrote: Anyone any ieas as to how to cure this? Sorry, I can't think of anything that would cause this. I just looked at my log and here's what it said: 9/12/2005, 09:29:02: FETCH - receiving mail messages 9/12/2005, 09:29:05: FETCH - Initiating TLS handshake 9/12/2005, 09:29:06: FETCH - Certificate S/N: 20B9F9, algorithm: RSA (1024 bits), issued from 13 Dec 2004 to 13 Dec 2005, for 1 host(s): pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Issuer: ZA, Western Cape, Cape Town, Thawte Consulting cc, Certification Services Division, Thawte Server CA, [EMAIL PROTECTED] 9/12/2005, 09:29:06: FETCH - TLS handshake complete 9/12/2005, 09:29:06: FETCH - connected to POP3 server 9/12/2005, 09:29:08: FETCH - authenticated (plain) 9/12/2005, 09:29:08: FETCH - 0 messages in the mailbox, 0 new 9/12/2005, 09:29:09: FETCH - connection finished - 0 messages received Looks identical to yours except the TLS Handshake failing. Again, sorry I can't help out further... Hmmm... When you have a moment could yout ell me exactly how you've got the SMTP and POP authorisation settings done in 'TRansport' for that Account? Could you also have a look in the Address Book under Trusted Root CA and go to Thawte Server CA - [EMAIL PROTECTED] and right click properties and then the tab Certificates and tell me if there is anything in there? My certificates list is empty. -- Marten Gallagher Annery Kiln Web Design www.annerykiln.co.uk Using The Bat! 3.5.25 with POPFile 0.22.0 on Windows XP 5.1 Marten Gallagher Marten Gallagher Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: GMail certificate not being 'sent' or something
Hi Martin, Monday, September 12, 2005, 1:00:02 PM, you wrote: MG Could you also have a look in the Address Book under Trusted Root CA MG and go to Thawte Server CA - [EMAIL PROTECTED] and right click MG properties and then the tab Certificates and tell me if there is MG anything in there? MG My certificates list is empty. Mine is not empty. I'd recommend that you visit the Thawte web site and have them issue you another certificate and specify that you want the Trusted Root CA *included* when it is issued. There is an option to include it when you get the certificate issued. Then after it is installed in your browser (either in IE or as in my case in Firefox), export that certificate to you desktop and then import the result into TB! That is what I did. Just having a certificate in your browser doesn't automatically install it in TB!, and this _could_ be why you're having problems with Gmail. Feel free to send me a PM signed with your S/Mime certificate, if you like, just to see whether you are able to do that before following my suggestion. If you are *not* able to do so, that would indicate that my suggestion may be worthwhile. Just for this message, I'll sign this message with my S/Mime certificate to illustrate. -- Regards, Perry Using The Bat! v3.60.07 on Windows XP 5.1 Build 2600 Service Pack 2 smime.p7s Description: S/MIME Cryptographic Signature Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: GMail certificate not being 'sent' or something
Hi Martin, Monday, September 12, 2005, 1:00:02 PM, you wrote: MG Could you also have a look in the Address Book under Trusted Root CA MG and go to Thawte Server CA - [EMAIL PROTECTED] and right click MG properties and then the tab Certificates and tell me if there is MG anything in there? MG My certificates list is empty. Mine is not empty. I'd recommend that you visit the Thawte web site and have them issue you another certificate and specify that you want the Trusted Root CA *included* when it is issued. There is an option to include it when you get the certificate issued. Then after it is installed in your browser (either in IE or as in my case in Firefox), export that certificate to you desktop and then import the result into TB! That is what I did. Just having a certificate in your browser doesn't automatically install it in TB!, and this _could_ be why you're having problems with Gmail. Feel free to send me a PM signed with your S/Mime certificate, if you like, just to see whether you are able to do that before following my suggestion. If you are *not* able to do so, that would indicate that my suggestion may be worthwhile. Just for this message, I'll sign this message with my S/Mime certificate to illustrate. Thanks for the detailed guidance but I've just spent two hours trying to get the right sort of certificate and trying to work out how to import and FireFox refuses to import anything, I can't find where in TB to import a certificate. And frankly I don't see why I should be having to do this just to collect the occasional GMail email It all seemed a good idea at the time. But frankly time is too precious. -- Marten Gallagher Annery Kiln Web Design www.annerykiln.co.uk Using The Bat! 3.5.25 with POPFile 0.22.1 on Windows XP 5.1 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: GMail certificate not being 'sent' or something
Hello Marten, Monday, September 12, 2005, 3:19:09 PM, you wrote: MG And frankly I don't see why I should be having to do this just to MG collect the occasional GMail email MG It all seemed a good idea at the time. But frankly time is too precious. Could someone explain why it is necessary to have a certificate for this. I download my gmail to my fastmail account and then use IMAP to access it in TB and I do not use any certificates that I know of. Does it have something to do with OTFE or PGP or what. -- Best regards, Stuartmailto:[EMAIL PROTECTED] Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: GMail certificate not being 'sent' or something
Hi Marten, Monday, September 12, 2005, 4:19:09 PM, you wrote: MG And frankly I don't see why I should be having to do this just to MG collect the occasional GMail email. My guess is that you didn't include the Trusted Root CA in the certificate when it was issued originally and consequently it can't be used for a secure connection. However, that is only a guess based on your description of your difficulties. MG It all seemed a good idea at the time. But frankly time is too MG precious. I understand. If you choose to pursue it further, you are welcome to contact me off list. -- Regards, Perry Using The Bat! v3.60.07 on Windows XP 5.1 Build 2600 Service Pack 2 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: GMail certificate not being 'sent' or something
Hello Marten, Monday, September 12, 2005, 11:37:24 AM, you wrote: Hmmm... When you have a moment could yout ell me exactly how you've got the SMTP and POP authorisation settings done in 'TRansport' for that Account? Sure Marten, here's what I posted yesterday to Admin about this. But Admin said he had it all set up correctly also. Anyway here's my setup: In The Bat!, go to Account/Properties/Transport Make sure you have the following set up: Send Mail: Server: smtp.gmail.com Authentication: SMTP Authentication Checked Specific Settings: User Name and Password Connection: Secure to Regular Port (STARTTLS)* Port: 587 Receive Mail: Server: pop.gmail.com Authentication: Regular User: Password: Connection: Secure to Dedicated Port {TLS)* Port: 995 * These are the 2 settings that I had to mess with the most. -- Best regards, Michaelmailto:[EMAIL PROTECTED] Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[4]: GMail certificate not being 'sent' or something
Hello Admin, Monday, September 12, 2005, 12:00:02 PM, you wrote: Hello admin, Monday, September 12, 2005, 9:30:36 AM, you wrote: Anyone any ieas as to how to cure this? Sorry, I can't think of anything that would cause this. I just looked at my log and here's what it said: 9/12/2005, 09:29:02: FETCH - receiving mail messages 9/12/2005, 09:29:05: FETCH - Initiating TLS handshake 9/12/2005, 09:29:06: FETCH - Certificate S/N: 20B9F9, algorithm: RSA (1024 bits), issued from 13 Dec 2004 to 13 Dec 2005, for 1 host(s): pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Issuer: ZA, Western Cape, Cape Town, Thawte Consulting cc, Certification Services Division, Thawte Server CA, [EMAIL PROTECTED] 9/12/2005, 09:29:06: FETCH - TLS handshake complete 9/12/2005, 09:29:06: FETCH - connected to POP3 server 9/12/2005, 09:29:08: FETCH - authenticated (plain) 9/12/2005, 09:29:08: FETCH - 0 messages in the mailbox, 0 new 9/12/2005, 09:29:09: FETCH - connection finished - 0 messages received Looks identical to yours except the TLS Handshake failing. Again, sorry I can't help out further... Hmmm... When you have a moment could yout ell me exactly how you've got the SMTP and POP authorisation settings done in 'TRansport' for that Account? Could you also have a look in the Address Book under Trusted Root CA and go to Thawte Server CA - [EMAIL PROTECTED] and right click properties and then the tab Certificates and tell me if there is anything in there? My certificates list is empty. Mine is not empty either. I have attached an export of the Thawte Cert for you, but I don't know if that is really advisable or not. You can go to the same place you directed me to and at the bottom left side there is a IMPORT button. I guess you just import the attached certificate. Hope this helps... -- Best regards, Michaelmailto:[EMAIL PROTECTED] Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[5]: GMail certificate not being 'sent' or something
Hello Admin, Monday, September 12, 2005, 12:00:02 PM, you wrote: Hello admin, Monday, September 12, 2005, 9:30:36 AM, you wrote: Anyone any ieas as to how to cure this? Sorry, I can't think of anything that would cause this. I just looked at my log and here's what it said: 9/12/2005, 09:29:02: FETCH - receiving mail messages 9/12/2005, 09:29:05: FETCH - Initiating TLS handshake 9/12/2005, 09:29:06: FETCH - Certificate S/N: 20B9F9, algorithm: RSA (1024 bits), issued from 13 Dec 2004 to 13 Dec 2005, for 1 host(s): pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com. 9/12/2005, 09:29:06: FETCH - Issuer: ZA, Western Cape, Cape Town, Thawte Consulting cc, Certification Services Division, Thawte Server CA, [EMAIL PROTECTED] 9/12/2005, 09:29:06: FETCH - TLS handshake complete 9/12/2005, 09:29:06: FETCH - connected to POP3 server 9/12/2005, 09:29:08: FETCH - authenticated (plain) 9/12/2005, 09:29:08: FETCH - 0 messages in the mailbox, 0 new 9/12/2005, 09:29:09: FETCH - connection finished - 0 messages received Looks identical to yours except the TLS Handshake failing. Again, sorry I can't help out further... Hmmm... When you have a moment could yout ell me exactly how you've got the SMTP and POP authorisation settings done in 'TRansport' for that Account? Could you also have a look in the Address Book under Trusted Root CA and go to Thawte Server CA - [EMAIL PROTECTED] and right click properties and then the tab Certificates and tell me if there is anything in there? My certificates list is empty. Mine is not empty either. I have attached an export of the Thawte Cert for you, but I don't know if that is really advisable or not. You can go to the same place you directed me to and at the bottom left side there is a IMPORT button. I guess you just import the attached certificate. Hope this helps... No attachment. Maybe direct to [EMAIL PROTECTED] -- Marten Gallagher Annery Kiln Web Design www.annerykiln.co.uk Using The Bat! 3.5.25 with POPFile 0.22.1 on Windows XP 5.1 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: GMail certificate not being 'sent' or something
Marten- Monday, September 12, 2005, 1:19:09 PM, you wrote: anything, I can't find where in TB to import a certificate. And frankly I don't see why I should be having to do this just to collect the occasional GMail email I have no certificates here and gmail is working fine. You're using the right ports, yes? pop: port 995 secure to dedicated port (TLS) full address as user name: [EMAIL PROTECTED] authentication: regular smtp: port 587 secure to regular port (STARTTLS) Perform SMTP authentication pop-before-smtp -- -Mark Wieder Using The Bat! v1.63 Beta/7 on Windows 2000 5.0 Build 2195 Service Pack 4 Current version is 3.60.7 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html