On 12/27/2013 03:39 PM, Viktor Dukhovni wrote:
There's your problem! This server (likely Exchange 2003) has a broken
implementation of 3DES CBC padding (search Postfix users archives for
my posts on the subject), and your cipher list is either long enough
to cause it to not see RC4-SHA and
On 12/28/2013 12:51 PM, Viktor Dukhovni wrote:
Does this modify the ciphers used for all connections, or just for the
server in question?
All connections.
Any suggestions for what ciphers to put in the list besides RC4-MD5?
If you read my previous responses on this thread, you'll notice I
I recently upgraded my companies' mail server to 64 Debian Wheezy. I am
using the Openssl package which is version 1.0.1e-2.
I am having problems when trying to send a message to one of our
business partners. The SMTP session appears to shut down and it appears
that my server is rejecting
On 12/27/2013 01:29 PM, Viktor Dukhovni wrote:
On Fri, Dec 27, 2013 at 12:59:11PM -0600, Bobber wrote:
I recently upgraded my companies' mail server to 64 Debian Wheezy. I
am using the Openssl package which is version 1.0.1e-2.
I am having problems when trying to send a message to one of our
On 12/27/2013 01:53 PM, andrew cooke wrote:
i am not following this in any detail, but if you look at the certificate you
included in your original email it expired in 2008. just look at it with
openssl -text -in some file
Ok, that's good. Thanks.
sorry if i'm jumping into something
On 12/27/2013 01:54 PM, andrew cooke wrote:
On Fri, Dec 27, 2013 at 04:53:41PM -0300, Andrew Cooke wrote:
i am not following this in any detail, but if you look at the certificate you
included in your original email it expired in 2008. just look at it with
openssl -text -in some file
On 12/27/2013 02:22 PM, Viktor Dukhovni wrote:
You're posting to the wrong forum. The problem is not OpenSSL, rather
you have an updated release of your MTA. (Is it Exim or Postfix? Go to
the corresponding mailing list). OpenSSL performs whatever certificate
verification your MTA asks for.
On 12/27/2013 03:39 PM, Viktor Dukhovni wrote:
On Fri, Dec 27, 2013 at 03:28:46PM -0600, Bobber wrote:
=== TLS started w/ cipher DES-CBC3-SHA
=== TLS peer subject DN=/C=US/ST=Missouri/L=Saint Louis/O=The
Lawrence Group/OU=IT/OU=Terms of use at www.verisign.com/rpa
(c)05/CN
