TLS problem with Lotus Domino v8.5.1 - mutual handshake fails

Hi, In our postfix server, we see SSL_accept error from hgrs-mail01.hgrs.tld.dom[161.x.y.z]: 0 Nov 16 08:54:52 ernesto postfix2cc/smtpd[18662]: warning: TLS library problem: 18662:error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000):s3_pkt.c:1053:SSL alert number 0: This error message appare

Lotus Domino server v8 fails mutual TLS handshake

Hi Steve, A Lotus Domino server v8 wants to connect to my postfix like several others do with client certificate authentication over TLS. Unfortunately, it fails early on with warning: TLS library problem: 25785:error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000):s3_pkt.c:1053:SSL alert numb

how to avoid "No client certificate CA names sent" with s_server?

Hi, both with openssl, I am trying to have a server and client that perform client certificate authentication. So, I start the server as follows: openssl s_server -www -key /dir/server-key.pem -cert /dir/server-cert.pem -CAfile /dir/cacert.pem -state and as per the previous posts on the list

SMIMEEncryptionKeyPreference for the openssl command line interface?

Hi Steve, RFC2633 defines 1.2.840.113549.1.9.16.2.11 to identify the SMIMEEncryptionKeyPreference signed attribute (id-aa-encrypKeyPref). Are there any plans to enhance the command line interface todo so, i.e. to be able to specify a .pem preferred encryption certificate file with an additional p

how to smime decrypt if certificate is lost?

Hi, If I do still have the public key and private key, I hope I still can use openssl to decrypt a message even if I lost the certificate originally used to encrypt to. Unfortunately, my attempts fail so far: openssl smime -decrypt -in encrypted.eml -recip privKeyAndPubkeyInOtherCert.pem Enter

openssl smime -encrypt ... -aes256 planned?

Hi, http://www.openssl.org/docs/apps/smime.html# offers openssl smime [-encrypt] ... [-des3] ... [-rc2-128] Are there any plans to also support -aes256 or stronger? Regards Ralf P.S.: At least my tomcat-coyote https does AES256 with quite acceptable performance. ___

RE: how to prevent smime from dropping body parts that look like a mail header

Steve, Thx for the hint - I kind of solved it as below, but still don't know what the real reason for the problem is. Rgds r. > -Original Message- > From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED] > Sent: Dienstag, 13. Januar 2004 13:15 ... > > Using smime to encrypt a body.txt file, alw

how to prevent smime from dropping body parts that look like a mail header

Hi, Using smime to encrypt a body.txt file, always the first part of that body disappeared since it looked like a mail header. If I change it to some other, arbitrary text, the entire mail body content arrives. What can I do to have my entire body text arrive even if it starts with <>? Looking a

RE: openssl's MIME headers ignored by receiving MUA (e.g. outlook) when not using sendmail to send

Steve, Thanks - now, this works. Perhaps you want to take the (typical) full path of sendmail into your example since novices like myself don't have /usr/sbin in their path. Rgds r. > -Original Message- > From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED] > Sent: Freitag, 11. Juli 2003 20:4