Re: SSL Error : bad handshake record MAC

Mon, 22 Nov 2004 13:42:09 -0800 

Hi Sylvain

May be you can revisit the original settings for SSL,  I have managed to do it 
with GMail which
uses ssl by:
1/ upgrading to javamail 1.3.2 and putting the new mail.jar in james.sar.
2/ use the algorithm "pop3s" in my james-fetchmail.xml
3/ add the port number for ssl connection.

All in all, like this:
        
<javaMailProviderName>pop3s</javaMailProviderName>      
<javaMailProperties>
        <property name="port" value="995"/>
</javaMailProperties>

Hope this helps you

Benoit.
--- Sylvain Vieujot <[EMAIL PROTECTED]> wrote:

> I'm trying to configure James with POP3SSL.
> 
> I followed the instructions from the documentation and got bitten by the
> java.security.NoSuchAlgorithmException problem.
> So, I installed the bouncycastle security provider like instructed on
> the wiki page ( http://wiki.apache.org/james/UsingSSL ).
> Now, I have another problem : javax.net.ssl.SSLHandshakeException: bad
> handshake record MAC (full stack bellow).
> 
> Did anyone had the same problem ?
> I can't figure out if I can solve this by building my keystore
> differently or if it's a problem with the bouncycastle provider.
> 
> Thanks for any help !
> 
> Sylvain.
> 
> My configuration is :
> Client : Evolution 2.02 on Linux Fedora Core 3.
> Server : James 2.2.1-RC1, jdk 1.5.0, Linux Fedora Core 1. (I got the
> same problem with James 2.2.0)
> 
> Code used to generate the keystore (by ant) :
>       <target name="generate-james-keystore" depends="check-james-keystore"
> unless="james.keystore.present">
>     <genkey alias="james"
>                       storetype="jks"
>                       storepass="xxxxx"
>                       keystore="${james.keystore.file}"
>                       keyalg="RSA"
>                       verbose="true">
>                               <dname>
>                                       <param name="O" 
> svalue="WindsOfCabarete.com"/>
>                                       <param name="L" value="Cabarete"/>
>                                       <param name="C" value="DR"/>
>                               </dname>
>               </genkey>
>       </target>
> 
> Stack Trace in pop3server-tsl log :
> 22/11/04 17:16:39 INFO  pop3server-tsl: Connection from
> tdev145-171.codetel.net.do (200.88.145.171)
> 22/11/04 17:16:41 ERROR pop3server-tsl: Exception during connection from
> tdev145-171.codetel.net.do (200.88.145.171) : Connection has been
> shutdown: javax.net.ssl.SSLHandshakeException: bad handshake record MAC
> javax.net.ssl.SSLException: Connection has been shutdown:
> javax.net.ssl.SSLHandshakeException: bad handshake record MAC
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF
> (SSLSocketImpl.java:1154)
>         at com.sun.net.ssl.internal.ssl.AppInputStream.read
> (AppInputStream.java:65)
>         at java.io.BufferedInputStream.read1
> (BufferedInputStream.java:254)
>         at java.io.BufferedInputStream.read
> (BufferedInputStream.java:313)
>         at sun.nio.cs.StreamDecoder$CharsetSD.readBytes
> (StreamDecoder.java:411)
>         at sun.nio.cs.StreamDecoder$CharsetSD.implRead
> (StreamDecoder.java:453)
>         at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)
>         at java.io.InputStreamReader.read(InputStreamReader.java:167)
>         at java.io.BufferedReader.fill(BufferedReader.java:136)
>         at java.io.BufferedReader.read(BufferedReader.java:157)
>         at org.apache.james.util.CRLFTerminatedReader.readLine
> (CRLFTerminatedReader.java:98)
>         at org.apache.james.pop3server.POP3Handler.readCommandLine
> (POP3Handler.java:415)
>         at org.apache.james.pop3server.POP3Handler.handleConnection
> (POP3Handler.java:266)
>         at org.apache.james.util.connection.ServerConnection
> $ClientConnectionRunner.run(ServerConnection.java:417)
>         at org.apache.james.util.thread.ExecutableRunnable.execute
> (ExecutableRunnable.java:55)
>         at org.apache.james.util.thread.WorkerThread.run
> (WorkerThread.java:90)
> Caused by: javax.net.ssl.SSLHandshakeException: bad handshake record MAC
>         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException
> (Alerts.java:150)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal
> (SSLSocketImpl.java:1476)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal
> (SSLSocketImpl.java:1438)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord
> (SSLSocketImpl.java:778)
>         at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake
> (SSLSocketImpl.java:1025)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord
> (SSLSocketImpl.java:619)
>         at com.sun.net.ssl.internal.ssl.AppOutputStream.write
> (AppOutputStream.java:59)
>         at java.io.BufferedOutputStream.flushBuffer
> (BufferedOutputStream.java:65)
>         at java.io.BufferedOutputStream.flush
> (BufferedOutputStream.java:123)
>         at sun.nio.cs.StreamEncoder$CharsetSE.implFlush
> (StreamEncoder.java:410)
>         at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
>         at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
>         at java.io.BufferedWriter.flush(BufferedWriter.java:236)
>         at java.io.PrintWriter.flush(PrintWriter.java:270)
>         at org.apache.james.util.InternetPrintWriter.println
> (InternetPrintWriter.java:90)
>         at org.apache.james.util.InternetPrintWriter.println
> (InternetPrintWriter.java:187)
>         at org.apache.james.pop3server.POP3Handler.handleConnection
> (POP3Handler.java:263)
>         ... 3 more
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to