On Wed, 19 Feb 2003, Mark Edwards wrote:
> On Wednesday, February 19, 2003, at 07:11 PM, Mark Crispin wrote:
>
> > I don't know anything about Mozilla mail or OSX.
>
> Well, I don't know that this problem is specific to either really. So,
> do you think I need to talk to an openssl list about this one? The
> failure is simply with openssl?
>
> Feb 16 21:43:43 dina imapd[27468]: Unable to accept SSL connection,
> host=lilbuddy.antsclimbtree.com [216.27.183.129]
> Feb 16 21:43:43 dina imapd[27468]: SSL error status: error:1408F455:SSL
> routines:SSL3_GET_RECORD:decryption failed or bad record mac
Mark,
You may be able to use the "s_client" function in the 'openssl' tool
to debug this. Try:
openssl s_client -connect imap.host:993
(with the appropriate substition for "imap.host" ;).
If that works, then try using the command line options to force
specific prototols/ciphers (SSLv3 vs TLSv1, etc) to see if you can
mimic what Mozilla/mail-app are doing.
Also try it from other platforms (EG from your FreeBSD box to your OSX
box) to test interoperability between different implementations of
OpenSSL.
Dave
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
