Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Notes/Domino 6 and 7 Forum

Notes/Domino 6 and 7 Forum

  

PreviousPrevious NextNext


~Chloe Nonkiplopikle 18.Mar.03 09:54 PM a Web browser
Domino Server All Releases All Platforms


Could I firstly ask for a straw poll to see who has actually got this working? Not forgetting that if a STARTTLS session fails the SMTP server will retry in clear text, so if you are not running the debug commands and checking the logs it may not be working.

There seem to be several variables here that are difficult to pin down. In essence the SSL certificate is a 128Bit Certificate issued by a Domino CA using the request database. There are several options in the Key when signing by the CA that is not well documented.

Is there anybody with some real world experience in TLS? I am happy to share my findings but I must admit I cannot get it to work!

The debug commands are:

SMTPDebug=3
SMTPDebugIO=3
SMTPCLIENTDEBUG=3
TraceSSLHandshake=1
ReportSSLHandshakeErrors=1
SmtpSaveOutboundToFile=1
debug_outfile=c:\trace\ssloutfile.txt

A typical client session would be:

250-TLS
250-HELP
250-AUTH LOGIN
250-STARTTLS
250-SIZE
250 PIPELINING
STARTTLS
220 Ready to start TLS
Server key (1024 bits) too strong for EXPORT ciphers. Disabling cipher RSA_EXPORT_WITH_RC4_40_MD5
SSL handshake error: 1C7Ah
Attempting to Disconnect:
CommandQUIT:
Connection terminated with status: 2562

And the server would see

State change from Greeting to Greeting
Processing in Greeting state
State change from Greeting to Connected
Processing in Connected state
EHLO command received
Processing in Connected state
STARTTLS command received
Processing in Connected state
STARTTLS command (cont.)
SSL Error: Keyring File access error
State change from Greeting to Greeting







. . . . Wow - usefull information - Thanks ... (~Chloe Nonkiplo... 20.Mar.03)
. . . . . . RE: Wow - usefull information - Tha... (~Alexis Elluski... 21.Mar.03)
. . . . . . RE: Wow - usefull information - Tha... (~Tanita Desweve... 21.Mar.03) SSL TLS SMTP setup and configuratio... (~Chloe Nonkiplo... 18.Mar.03)
. . RE: SSL TLS SMTP setup and configur... (~Alexis Elluski... 19.Mar.03)
. . . . SSL TLS SMTP setup and configuratio... (~Chloe Nonkiplo... 19.Mar.03)
. . . . . . RE: SSL TLS SMTP setup and configur... (~Alexis Elluski... 19.Mar.03)
. . Add DEBUG_SSL_ALL=3 and SSL_TRACE_K... (~Tanita Desweve... 19.Mar.03)





  Document options
Print this pagePrint this page

 Search this forum

  Forum views and search
Date (threaded)
Date (flat)
With excerpt
Category
Platform
Release
Advanced search

 RSS feedsRSS
All forum posts RSS
All main topics RSS