search for: tlsv1

...56 bits AES256-SHA Accepted SSLv3 128 bits DHE-RSA-AES128-SHA Accepted SSLv3 128 bits AES128-SHA Accepted SSLv3 128 bits RC4-SHA Accepted SSLv3 128 bits RC4-MD5 Accepted SSLv3 112 bits EDH-RSA-DES-CBC3-SHA Accepted SSLv3 112 bits DES-CBC3-SHA Accepted TLSv1 256 bits DHE-RSA-AES256-SHA Accepted TLSv1 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLSv1 256 bits AES256-SHA Accepted TLSv1 256 bits CAMELLIA256-SHA Accepted TLSv1 128 bits DHE-RSA-AES128-SHA Accepted TLSv1 128 bits DHE-RSA-CAMELLIA128-SHA Accepted TLSv1...

...hout errors and then when i run the "puppet agent -t" agaion i got this error output info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert unknown ca err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert unknown ca Could not retrieve file metadata for puppet://gfn-puppetmaster/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server ses...

It's nice to see that the OS where CentOS gets its sources from also experiments the same error! I have been very busy lately so I haven't had the time to deal with the problem, probably later this week or early next week. As soon as I find something Ill let you know. Hopefully you'll do the same if you come across the solution first. PS. Forwarding this message to the mailing

Hello I am using dovecot with POP3S and IMAPS ports, When client connect to POP3S port (995) , i can see in dovecot log file that the protocol is TLSv1 So how come the protocol is TLSv1 and not SSL ? Does the user connect t port 995 with SSL protocol then encrypt again inside the SSL session to make The TLSv1 protocol ? Or does the client use TLSv1 Protocol immediately when connect to port 995 without Using SSL protocol ? Please Help....

...i, I have set up a mail server with postfix+dovecot 2.2.13 on my raspberry pi running Raspbian Jassie OS. Now I would like to add an on-line e-mail client like Squirrelmail or Roundcube. I was able to start up these two clients but when I try to login I get this error message in the dovecot log: tlsv1 alert unknown ca: SSL alert number 48 But I have inserted the self-signed certificate and key in /etc/dovecot/conf.d/10-master.conf Moreover, I can send and receive e-mails from/to my server, and I can login successfully to dovecot IMAP with Thunderbird. Can somebody give me a clue on how to sol...

...h install of puppet. I have officially entered puppet SSL hell again. Nov 20 14:45:20 mon01 puppetd[5597]: Reopening log files Nov 20 14:45:20 mon01 puppetd[5597]: Starting Puppet client version 0.24.8 Nov 20 14:45:21 mon01 puppetd[5597]: Could not retrieve catalog: Certificates were not trusted: tlsv1 alert decrypt error Solution? I''ve cleared the /var/lib/puppet/ssl keys, done the puppetca --clean etc etc. Doug -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups....

Dear all, I see this error message in my *masterhttp.log* repeatedly: ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 > read client certificate A: tlsv1 alert unknown ca > I saw a similar mail in the list but there was no definitive answer to that post. Does anyone know what am I missing here? I do understand what *unknown ca* means but I can''t think of any reason. Anyone can give me some hints please? Cheers, San -- You receiv...

Hello, I am trying to secure SIP session with TLS on Asterisk Server 1.8. I keep getter an error, == Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca [2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed! I tried both signed and self-signed cert to no avail. Here is my Configuration: Sip.conf tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/box1.pem tlscapath=/et...

Hi, I have a small question with sendmail and tls verification. The tls verify fails on our internal/external sendmail servers. For example: STARTTLS=server, relay=mx1.imt-systems.com [89.146.219.60], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 STARTTLS=server, relay=acsinet12.imt-systems.com [89.146.219.42], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 What's the problem? The sendmail tls certificate should be okay on both servers. Here is th...

..._early_post_process_client_hello:unsupported protocol and TCP/IP traces showed that it dropped the connection after the client's initial HELLO.? I tested what kinds of connections Dovecot would accept with (for example): ??? openssl s_client -tls1_1 -connect localhost:993?? # Test whether TLSv1.1 is accepted - received "unsupported protocol" message. Searching showed that Dovecot has a parameter "ssl_min_protocol", which is documented as defaulting to TLSv1.? Nevertheless I explicitly set it to TLSv1 with no effect.? This was a red herring.? I spent a long time loo...

...#39;'m using the standard webrick server with puppet, and I just started getting this today (for no apparent reason). info: Loading fact custom_facts info: Retrieving plugins err: /File[/var/puppet/lib]: Failed to generate additional resources during transaction: Certificates were not trusted: tlsv1 alert decrypt error err: /File[/var/puppet/lib]: Failed to retrieve current state of resource: Certificates were not trusted: tlsv1 alert decrypt error Could not describe /plugins: Certificates were not trusted: tlsv1 alert decrypt error info: Loading fact custom_facts err: Could not retrieve catal...

> Jan 28 22:42:44 dovecot: imap-login: Disconnected (no auth attempts in 0 > secs): user=<>, rip=192.168.1.16, lip=192.168.1.3, TLS: SSL_read() > failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown > ca: SSL alert number 48, session= > ... > # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> > ssl = yes > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > ssl_ca = </etc/ssl/private/cert.pem Are you using...

...running apache-2.2.15 I see this: # nmap --script ssl-enum-ciphers -p 443 inet09 Starting Nmap 6.01 ( http://nmap.org ) at 2014-10-17 12:48 EDT Nmap scan report for for x.y.z.a Host is up (0.00034s latency). rDNS record for x.y.z.a PORT STATE SERVICE 443/tcp open https | ssl-enum-ciphers: | TLSv1.0 | Ciphers (5) | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength | TLS_RSA_WITH_RC4_128_SHA - strong | Compres...

On 1/18/2015 12:45 AM, Robert Schetterer wrote: > Am 16.01.2015 um 12:24 schrieb Oliver Welter: >> Hi Folks, >> >> after adding TLSv1.2 to by TLS options a lot of Outlook users complaint >> about connection errors, openssl s_client and Thunderbird works fine. >> >> I found some posts about this but none of them had a real solution on >> this - I meanwhile disabled TLSv1.2 which made the Outlook users happy...

When my client connects, I see this in my log: dovecot: imap-login: TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits) Whereas, when client connects to my postfix server, I see: Anonymous TLS connection established from * TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits) how can I tell dovecot to use AES256, instead of AES128 ? is this set by ssl_cipher_list...

Hello together Please i'am new to this list, i have already installed Postfix and Dovecot last version from Internet but i have the porblem that the mail do not arive, and with me Cert, i have read on the Dovecot site, but i don't have me found me solutions to fix this. "tlsv1 alert unknown ca: SSL alert number 48" Jan 28 22:42:44 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=192.168.1.16, lip=192.168.1.3, TLS: SSL_read() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session...

...d puppetd and it appears fine. On the master I run puppetrun as root and get root@plane:/etc/puppet# puppetrun --debug --host planevm1 debug: Parsing /etc/puppet/puppet.conf debug: Puppet::Network::Client::Runner: defining puppetrunner.run /usr/lib/ruby/1.8/net/http.rb:586:in `connect'': tlsv1 alert unknown ca (OpenSSL::SSL::SSLError) from /usr/lib/ruby/1.8/net/http.rb:586:in `connect'' from /usr/lib/ruby/1.8/net/http.rb:553:in `do_start'' from /usr/lib/ruby/1.8/net/http.rb:548:in `start'' from /usr/lib/ruby/1.8/puppet/network/xmlrp...

...r=<%u> method=%m rip=%r %k is it possible to get rid of the "proxy(test at testserver.rhsoft.net): started proxying to 127.0.0.1:143: " part because on a proxy-only server i know that and it is explicitly not listed in "login_log_format_elements" as well as for the "TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA" it would be enough "TLSv1 DHE-RSA-CAMELLIA256-SHA" the reason is simple: * all needed informations are present * smaller logfiles * nicer "tail -f" on the syslog without breaks _____________________________________________ Aug 14 16:31...

...;'t be verified in this SSL session warning: peer certificate won''t be verified in this SSL session info: Caching certificate for machine-1.test.betrancourt.net err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version [root@machine-1 ~]# The client cert is into the serve...

The version of Roundcube I am using is 0.9.5+dfsg1-4.1