Very sory. I was getting the following error:
------------
The following message to <frank.heis...@messagingstrategy.com> was
undeliverable.
The reason for the problem:
5.1.0 - Unknown address error 550-'5.7.1 Message rejected due to
content restrictions'
Final-Recipient: rfc822;frank.heis...@messagingstrategy.com
Action: failed
Status: 5.0.0 (permanent failure)
Remote-MTA: dns; [10.11.25.21]
Diagnostic-Code: smtp; 5.1.0 - Unknown address error 550-'5.7.1
Message rejected due to content restrictions' (delivery attempts: 0)
--------------
While I now see that It was not a list error, and probably only a
subscriber e-mail server replying to me, I believed that it was indeed
from the list.
Probably this person server is sending error messages to the "from"
and not "reply-to", and I tough that the strange e-mail would be from
some web filter proxy.
This is why in the later message I removed the http:// links. To see
if the list had that blocked due to spam.
I apologize for any inconvenience.
Regards,
Nuno
On Sat, Mar 20, 2010 at 18:13, Michael S. Zick <open...@morethan.org> wrote:
> On Sat March 20 2010, Nuno Gonçalves wrote:
>> I'm trying to set client certificate authentication.
>> It looks that I cant set even the simple demo...
>>
>
> Look like your e-mail client isn't correct either, it
> seems to be sending the same message every two hours.
>
> Mike
>> With apache2.2 installed:
>> sudo a2enmod ssl
>> sudo a2ensite default-ssl
>> sudo /etc/init.d/apache2 restart
>>
>> Browse with firefox to (https)localhost - page retrieved after
>> security warning, ssl working.
>>
>> Then I edit default-ssl and add:
>> SSLCACertificatePath /etc/ssl/certs/
>> SSLVerifyClient require
>>
>> I now browse again to the address.
>> As I don't have any certificate for the roots I have
>> installed(defaults) I would expect the browser to display a error
>> message. Actually it just hangs.
>> Also a .net client application that I created can't display the
>> "acceptable issuers" list. Empty.
>>
>> n...@ground2:/etc/ssl/certs$ openssl s_client -host localhost -port 443
>> -debug
>> CONNECTED(00000003)
>> write to 0x1acf790 [0x1ad0e60] (118 bytes => 118 (0x76))
>> 0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .t....K... ..9..
>> 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
>> 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../.......
>> 0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 ................
>> 0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @...............
>> 0050 - 00 00 03 02 00 80 e8 cd-46 6c ac 68 35 93 d6 74 ........Fl.h5..t
>> 0060 - fb e8 80 20 3f 35 bd 84-13 a1 7c da 22 f4 3d 39 ... ?5....|.".=9
>> 0070 - b9 69 1e 2b 77 9c .i.+w.
>> read from 0x1acf790 [0x1ad63c0] (7 bytes => 7 (0x7))
>> 0000 - 16 03 01 00 4a 02 ....J.
>> 0007 - <SPACES/NULS>
>> read from 0x1acf790 [0x1ad63c7] (72 bytes => 72 (0x48))
>> 0000 - 00 46 03 01 4b a4 1a 68-ea 82 78 13 40 b9 bd 53 .f..k..h....@..s
>> 0010 - f4 5c 3f c8 e2 aa 88 60-57 d7 7e 38 ce 82 c5 51 .\?....`W.~8...Q
>> 0020 - a1 70 90 d0 20 79 67 a2-48 a9 9c 09 e5 47 85 e7 .p.. yg.H....G..
>> 0030 - f6 b3 8d 88 7a 5a 62 39-83 f9 14 40 20 a1 66 ac ....zZb9...@ .f.
>> 0040 - a1 a5 2d 5a f8 00 39 ..-Z..9
>> 0048 - <SPACES/NULS>
>> read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
>> 0000 - 16 03 01 01 a9 .....
>> read from 0x1acf790 [0x1ad63c5] (425 bytes => 425 (0x1A9))
>> 0000 - 0b 00 01 a5 00 01 a2 00-01 9f 30 82 01 9b 30 82 ..........0...0.
>> 0010 - 01 04 02 09 00 c3 8d a4-df 92 38 53 ba 30 0d 06 ..........8S.0..
>> 0020 - 09 2a 86 48 86 f7 0d 01-01 05 05 00 30 12 31 10 .*.H........0.1.
>> 0030 - 30 0e 06 03 55 04 03 13-07 67 72 6f 75 6e 64 32 0...U....ground2
>> 0040 - 30 1e 17 0d 31 30 30 33-32 30 30 30 31 39 35 30 0...100320001950
>> 0050 - 5a 17 0d 32 30 30 33 31-37 30 30 31 39 35 30 5a Z..200317001950Z
>> 0060 - 30 12 31 10 30 0e 06 03-55 04 03 13 07 67 72 6f 0.1.0...U....gro
>> 0070 - 75 6e 64 32 30 81 9f 30-0d 06 09 2a 86 48 86 f7 und20..0...*.H..
>> 0080 - 0d 01 01 01 05 00 03 81-8d 00 30 81 89 02 81 81 ..........0.....
>> 0090 - 00 e3 62 43 c7 97 30 f7-15 81 90 50 ea 21 66 21 ..bC..0....P.!f!
>> 00a0 - 04 4d 2c 29 aa b7 da 7c-fd 4b 35 ca 7f f7 16 ca .M,)...|.K5.....
>> 00b0 - 98 d7 66 20 ff c4 66 43-88 9f ab 1d 2f a5 c7 b9 ..f ..fC..../...
>> 00c0 - c6 cb ee 06 ab 92 50 d9-ef 5c e0 ee 77 f1 12 a3 ......P..\..w...
>> 00d0 - 41 d0 33 c6 e6 7a 06 12-01 7c cb 50 89 51 0d 01 A.3..z...|.P.Q..
>> 00e0 - 21 0c 3e 02 c3 74 d0 30-46 bd 2d 67 f2 8d 41 34 !.>..t.0F.-g..A4
>> 00f0 - 9c b2 15 99 6d d0 e0 ef-2c e9 5e 2f eb 91 8d 66 ....m...,.^/...f
>> 0100 - be c6 76 7f 09 f5 fc e3-78 2b 9f 8d 1a 00 ff 10 ..v.....x+......
>> 0110 - 49 02 03 01 00 01 30 0d-06 09 2a 86 48 86 f7 0d I.....0...*.H...
>> 0120 - 01 01 05 05 00 03 81 81-00 70 c5 4a 78 49 af 68 .........p.JxI.h
>> 0130 - 6e 6f c4 a6 bc 6b 07 62-a6 ad 82 9f b4 f3 6e 1e no...k.b......n.
>> 0140 - 81 b3 d5 bf 71 30 71 94-28 cd d6 95 b5 de 62 b4 ....q0q.(.....b.
>> 0150 - 13 34 fa 54 ae f5 0c 1c-1b 0e 71 29 4c 1e e9 8f .4.T......q)L...
>> 0160 - 10 f9 f9 f1 d5 f4 6e 91-7f ae e8 89 86 17 cc 88 ......n.........
>> 0170 - 5b 11 1f d7 2c 67 0b 3b-ea de a6 0b 13 73 5e 9c [...,g.;.....s^.
>> 0180 - 42 3b 9f 4e 6b 6d 26 29-e5 2a 7b 25 ee 39 50 e6 B;.Nkm&).*{%.9P.
>> 0190 - 6c 85 57 d3 c8 26 47 7c-bf ea 3d af be 7a 42 a1 l.W..&G|..=..zB.
>> 01a0 - 97 ff 6e 4c 4e d2 83 c7-a8 ..nLN....
>> depth=0 /CN=ground2
>> verify error:num=18:self signed certificate
>> verify return:1
>> depth=0 /CN=ground2
>> verify return:1
>> read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
>> 0000 - 16 03 01 01 8d .....
>> read from 0x1acf790 [0x1ad63c5] (397 bytes => 397 (0x18D))
>> 0000 - 0c 00 01 89 00 80 d6 7d-e4 40 cb bb dc 19 36 d6 .........@....6.
>> 0010 - 93 d3 4a fd 0a d5 0c 84-d2 39 a4 5f 52 0b b8 81 ..J......9._R...
>> 0020 - 74 cb 98 bc e9 51 84 9f-91 2e 63 9c 72 fb 13 b4 t....Q....c.r...
>> 0030 - b4 d7 17 7e 16 d5 5a c1-79 ba 42 0b 2a 29 fe 32 ...~..Z.y.B.*).2
>> 0040 - 4a 46 7a 63 5e 81 ff 59-01 37 7b ed dc fd 33 16 JFzc^..Y.7{...3.
>> 0050 - 8a 46 1a ad 3b 72 da e8-86 00 78 04 5b 07 a7 db .F..;r....x.[...
>> 0060 - ca 78 74 08 7d 15 10 ea-9f cc 9d dd 33 05 07 dd .xt.}.......3...
>> 0070 - 62 db 88 ae aa 74 7d e0-f4 d6 e2 bd 68 b0 e7 39 b....t}.....h..9
>> 0080 - 3e 0f 24 21 8e b3 00 01-02 00 80 13 fa f8 ea 08 >.$!............
>> 0090 - 8a e3 d2 37 be d6 8e 7d-dd 65 ef 90 2b 91 2b 83 ...7...}.e..+.+.
>> 00a0 - 19 35 31 a3 f9 93 43 33-80 27 6c a3 3a df a2 6c .51...C3.'l.:..l
>> 00b0 - 1b bc c6 c1 53 22 8f 43-58 21 f2 6e b7 d9 96 46 ....S".CX!.n...F
>> 00c0 - 65 0a b4 4a 52 af 94 f6-ef 8e 01 1d 89 6b cd af e..JR........k..
>> 00d0 - 8b a6 a2 eb 6b a3 83 c8-c8 53 df c3 9d cc 3e 40 ....k....S....>@
>> 00e0 - 67 8a 85 aa c8 8c 79 52-ce 3d fd f8 b5 ec b3 46 g.....yR.=.....F
>> 00f0 - e6 7b d0 27 aa ee 46 d4-d3 c7 b8 2f 44 3d 99 99 .{.'..F..../D=..
>> 0100 - 07 ae e5 a0 ca 28 7c 2e-6d ea 7c 00 80 cf 49 8f .....(|.m.|...I.
>> 0110 - bc 1a a7 a6 2c 61 63 6e-20 d8 08 73 69 6f 80 b6 ....,acn ..sio..
>> 0120 - f1 2a 79 4f c1 5a 7c 89-5b 47 8a d5 11 ec fc b7 .*yO.Z|.[G......
>> 0130 - ba 6b 79 12 4d 3b fe a0-7f c8 94 2e 6a 41 78 10 .ky.M;......jAx.
>> 0140 - d2 71 fb a8 79 f5 11 e4-f5 22 e9 25 e0 77 53 09 .q..y....".%.wS.
>> 0150 - ac aa 94 f6 b4 c6 2c 58-8d 5f e3 ad 07 f9 5e d5 ......,X._....^.
>> 0160 - c9 79 17 2d 85 bf f4 52-38 14 f8 38 4a eb c2 83 .y.-...R8..8J...
>> 0170 - c7 76 73 82 ff 43 e9 18-13 bc 05 8b 40 ab e5 6f .vs..c......@..o
>> 0180 - 5a 51 25 8a bc ad 81 14-b6 5e d6 48 76 ZQ%......^.Hv
>> read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
>> 0000 - 16 03 01 40 ...@
>> 0005 - <SPACES/NULS>
>> read from 0x1acf790 [0x1ad63c5] (16384 bytes => 16384 (0x4000))
>> 0000 - 0d 00 5a 02 05 03 04 01-02 40 59 fa 00 14 30 12 ..z......@y...0.
>> 0010 - 31 10 30 0e 06 03 55 04-03 13 07 67 72 6f 75 6e 1.0...U....groun
>> 0020 - 64 32 00 41 30 3f 31 24-30 22 06 03 55 04 0a 13 d2.A0?1$0"..U...
>> 0030 - 1b 44 69 67 69 74 61 6c-20 53 69 67 6e 61 74 75 .Digital Signatu
>> 0040 - 72 65 20 54 72 75 73 74-20 43 6f 2e 31 17 30 15 re Trust Co.1.0.
>> 0050 - 06 03 55 04 03 13 0e 44-53 54 20 52 6f 6f 74 20 ..U....DST Root
>> 0060 - 43 41 20 58 33 00 3c 30-3a 31 19 30 17 06 03 55 CA X3.<0:1.0...U
>> 0070 - 04 0a 13 10 52 53 41 20-53 65 63 75 72 69 74 79 ....RSA Security
>> 0080 - 20 49 6e 63 31 1d 30 1b-06 03 55 04 0b 13 14 52 Inc1.0...U....R
>> 0090 - 53 41 20 53 65 63 75 72-69 74 79 20 31 30 32 34 SA Security 1024
>> 00a0 - 20 56 33 00 3c 30 3a 31-19 30 17 06 03 55 04 0a V3.<0:1.0...U..
>> 00b0 - 13 10 52 53 41 20 53 65-63 75 72 69 74 79 20 49 ..RSA Security I
>> 00c0 - 6e 63 31 1d 30 1b 06 03-55 04 0b 13 14 52 53 41 nc1.0...U....RSA
>> 00d0 - 20 53 65 63 75 72 69 74-79 20 32 30 34 38 20 56 Security 2048 V
>> 00e0 - 33 00 41 30 3f 31 0b 30-09 06 03 55 04 06 13 02 3.A0?1.0...U....
>> 00f0 - 54 57 31 30 30 2e 06 03-55 04 0a 0c 27 47 6f 76 TW100...U...'Gov
>> 0100 - 65 72 6e 6d 65 6e 74 20-52 6f 6f 74 20 43 65 72 ernment Root Cer
>> 0110 - 74 69 66 69 63 61 74 69-6f 6e 20 41 75 74 68 6f tification Autho
>> 0120 - 72 69 74 79 00 65 30 63-31 0b 30 09 06 03 55 04 rity.e0c1.0...U.
>> 0130 - 06 13 02 55 53 31 1c 30-1a 06 03 55 04 0a 13 13 ...US1.0...U....
>> 0140 - 41 6d 65 72 69 63 61 20-4f 6e 6c 69 6e 65 20 49 America Online I
>> 0150 - 6e 63 2e 31 36 30 34 06-03 55 04 03 13 2d 41 6d nc.1604..U...-Am
>> 0160 - 65 72 69 63 61 20 4f 6e-6c 69 6e 65 20 52 6f 6f erica Online Roo
>> 0170 - 74 20 43 65 72 74 69 66-69 63 61 74 69 6f 6e 20 t Certification
>> 0180 - 41 75 74 68 6f 72 69 74-79 20 31 00 65 30 63 31 Authority 1.e0c1
>> 0190 - 0b 30 09 06 03 55 04 06-13 02 55 53 31 1c 30 1a .0...U....US1.0.
>> 01a0 - 06 03 55 04 0a 13 13 41-6d 65 72 69 63 61 20 4f ..U....America O
>> 01b0 - 6e 6c 69 6e 65 20 49 6e-63 2e 31 36 30 34 06 03 nline Inc.1604..
>> 01c0 - 55 04 03 13 2d 41 6d 65-72 69 63 61 20 4f 6e 6c U...-America Onl
>> 01d0 - 69 6e 65 20 52 6f 6f 74-20 43 65 72 74 69 66 69 ine Root Certifi
>> 01e0 - 63 61 74 69 6f 6e 20 41-75 74 68 6f 72 69 74 79 cation Authority
>> 01f0 - 20 32 00 68 30 66 31 12-30 10 06 03 55 04 0a 13 2.h0f1.0...U...
>> ...
>> 3fc0 - 61 6c 69 64 61 74 69 6f-6e 20 41 75 74 68 6f 72 alidation Author
>> 3fd0 - 69 74 79 31 21 30 1f 06-03 55 04 03 13 18 68 74 ity1!0...U....ht
>> 3fe0 - 74 70 3a 2f 2f 77 77 77-2e 76 61 6c 69 63 65 72 tp://www.valicer
>> 3ff0 - 74 2e 63 6f 6d 2f 31 20-30 1e 06 09 2a 86 48 86 t.com/1 0...*.H.
>> read from 0x1acf790 [0x1ad63c0] (5 bytes => 0 (0x0))
>> 4201:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
>> failure:s23_lib.c:188:
>> n...@ground2:/etc/ssl/certs$
>>
>> Questions:
>> Is normal that firefox hangs when it doesn't have a valid certificate
>> to provide?
>> Openssl output looks OK?(or the error in the end is a exception?)
>>
>> Regards,
>> --
>> \ Nuno Gonçalves
>> /
>> \ Bugs? Features!
>> /
>> \ nuno...@gmail.com
>> / PORTUGAL
>> E-mail sent directly from Google Mail webmail using HTTPS on behalf of
>> Nuno João Pinto Gonçalves, birth date 1986-11-16. E-mail headers
>> provide good assurance that this message was not tampered and
>> originates from nuno...@gmail.com. If you require additional security,
>> I may provide on request X509 electronic signature under Portuguese
>> government chain.
>> Se precisar de assinatura digital do Cartão de Cidadão, de uma apitadela.
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-us...@openssl.org
>> Automated List Manager majord...@openssl.org
>>
>>
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-us...@openssl.org
> Automated List Manager majord...@openssl.org
>
--
\ Nuno Gonçalves
/
\ Bugs? Features!
/
\ nuno...@gmail.com
/ PORTUGAL
E-mail sent directly from Google Mail webmail using HTTPS on behalf of
Nuno João Pinto Gonçalves, birth date 1986-11-16. E-mail headers
provide good assurance that this message was not tampered and
originates from nuno...@gmail.com. If you require additional security,
I may provide on request X509 electronic signature under Portuguese
government chain.
Se precisar de assinatura digital do Cartão de Cidadão, de uma apitadela.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
