Hello,
I am using openssl-0.9.6 on a Solaris box. I am
currently using a temporary self signed certificate.
The OS is Solaris 8. For /dev/random I have installed
ANDIrand(http://www.cosy.sbg.ac.at/~andi/) and I have
also installed PRNGD. I installed both as I thought
the problem might relate to the random number
generator. I am using openssl to encrypt client
connection to our Cyrus IMAP 2.0.16 server. Here is
the ouput of a Cyrus connection utility called imtest:
imtest -v -t /var/imap/mailhost.crt localhost
C: C01 CAPABILITY
S: * OK catfish Cyrus IMAP4 v2.0.16 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+
NAMESPACE UIDPLUS ID NO_ATOMI
C_RENAME UNSELECT MULTIAPPEND SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE
STARTTLS
S: C01 OK Completed
S01 NO Error initializing TLS
starting TLS engine
setting up TLS connection
SSL_connect:before/connect initialization
write to 000D6A20 [000F4870] (90 bytes => 90 (0x5A))
0000 16 03 01 00 55 01 00 00|51 03 01 3b 7f 48 2b 76
0010 b6 b5 6d dd c2 ce 95 6a|2c 19 88 c8 d9 a3 4a 76
0020 3b b7 e9 56 11 0c 11 73|fb 25 a5 00 00 2a 00 16
0030 00 13 00 0a 00 66 00 07|00 05 00 04 00 65 00 64
0040 00 63 00 62 00 61 00 60|00 15 00 12 00 09 00 14
0050 00 11 00 08 00 06 00 03|01
005a - <SPACES/NULS>
SSL_connect:SSLv3 write client hello A
read from 000D6A20 [000EC060] (5 bytes => 5 (0x5))
0000 2a 20 42 41 44
write to 000D6A20 [000E3DD0] (7 bytes => 7 (0x7))
0000 15 20 42 00 02 02 46
SSL3 alert write:fatal:unknown
SSL_connect:error in SSLv3 read server hello A -1
SSL_connect error -1
SSL session removed
TLS negotiation failed!
Asking for capabilities again since they might have
changed
C: C01 CAPABILITY
S: Invalid tag
S: * BAD Invalid tag
I have tried looking up some of these error on various
newsgroup but have come up empty handed. Could someone
help shed some light on the possible cause and or
workaround. I would greatly appreciate any help. Thank
you.
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
