On 03/17/2014 10:36 PM, Marc Chamberlin wrote:
Hi - I am trying to test the TLS/SSL connection for my James 2.3.2
server. When using Thunderbird as a client and connecting via TLS/SSL
protocol I don't have any problems sending/receiving email. I am
pretty sure that I have set up my private (self-signed) certificate OK
as this has been working for a long time. I wanted to use TLS/SSL for
access to the RemoteManager and discovered that I cannot test/use
openssl? This is what I am seeing when I try connecting on any of the
ports for the POP3, SMTP or the RemoteManager -
openssl s_client -quiet -connect mydomain.com:portnum
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate
Signing, CN = StartCom Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
140032197080744:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1
alert internal error:s3_pkt.c:1256:SSL alert number 80
140032197080744:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:177:
Internal Error??? This does NOT look very healthy and implies sick
code... Anyone got any ideas on how to fix this?
As always, thanks in advance for any offers of help... Marc...
Turns out I had upgraded my openJDK to version 1.7 and there is a jar
file - sunjce_provider.jar file than needs to be copied in to the lib
directory of James. This is obscurely documented in the config.xml file
where it is easily overlooked. It would be far better to also mention
this on the web page at http://james.apache.org/server/2/usingTLS.html
which is the instructions that I was following to enable TLS/SSL
connections.
Marc...
--
"The Truth is out there" - Spooky
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
