Click Here
home features news forums classifieds faqs links search
6071 members 
Amiga Q&A /  Free for All /  Emulation /  Gaming / (Latest Posts)
Login

Nickname

Password

Lost Password?

Don't have an account yet?
Register now!

Support Amigaworld.net
Your support is needed and is appreciated as Amigaworld.net is primarily dependent upon the support of its users.
Donate

Menu
Main sections
» Home
» Features
» News
» Forums
» Classifieds
» Links
» Downloads
Extras
» OS4 Zone
» IRC Network
» AmigaWorld Radio
» Newsfeed
» Top Members
» Amiga Dealers
Information
» About Us
» FAQs
» Advertise
» Polls
» Terms of Service
» Search

IRC Channel
Server: irc.amigaworld.net
Ports: 1024,5555, 6665-6669
SSL port: 6697
Channel: #Amigaworld
Channel Policy and Guidelines

Who's Online
17 crawler(s) on-line.
 123 guest(s) on-line.
 2 member(s) on-line.


 agami,  DiscreetFX

You are an anonymous user.
Register Now!
 DiscreetFX:  3 mins ago
 agami:  4 mins ago
 RobertB:  23 mins ago
 OlafS25:  1 hr 13 mins ago
 Bruce72:  1 hr 15 mins ago
 Rob:  1 hr 46 mins ago
 MEGA_RJ_MICAL:  2 hrs 2 mins ago
 t0lkien:  2 hrs 7 mins ago
 amigakit:  2 hrs 28 mins ago
 OneTimer1:  2 hrs 41 mins ago

/  Forum Index
   /  Amiga OS4 Software
      /  YAM 2.9p1 SSL error
Register To Post

PosterThread
Serpi 
YAM 2.9p1 SSL error
Posted on 16-Apr-2015 10:30:14
#1 ]
Cult Member
Joined: 31-Jul-2003
Posts: 547
From: Germany

Hi all,

after upgrading YAM from (AFAIR 2.5) to 2.9p1 yesterday now I cannot fetch the mail from my freenet.de account.

Settings are identical to the old settings which worked just a few minutes earlier, but I get an error "cannot initiate SSL/TLS session" (or similar).

This is on OS4U6 (didn't install FE yet).

I've looked for an updated AmiSSL or OpenSSL but didn't find anything.

I have updated all components from the YAM updater.

Help!

Thanks & Ciao,
Alfred

 Status: Offline
Profile     Report this post  
Severin 
Re: YAM 2.9p1 SSL error
Posted on 17-Apr-2015 7:20:09
#2 ]
Elite Member
Joined: 18-Aug-2003
Posts: 2740
From: Gloucestershire UK

@Serpi

SSL is out of date, there is no update available yet, you're bext chance is to use 'no security' until it's fixed.

Installing FE won't help either.

_________________
OS4 Rocks
X1000 beta tester, Sam440 Flex (733)

Visit the Official OS4 Support Site for more help.

It may be that your sole purpose is to serve as a warning to others.

 Status: Offline
Profile     Report this post  
graff 
Re: YAM 2.9p1 SSL error
Posted on 17-Apr-2015 10:30:19
#3 ]
Member
Joined: 4-Jul-2005
Posts: 54
From: Unknown

@Serpi
I have the exact same problem with my email provider. What we found out was that the AmiSSL version is based on a too old SSL version which does not properly support the encryption strength used on the signatures of all new SSL certificates issued. So when a provider needs to update the expiry date of their SSL certificates they get a certificate with a signature not supported by AmiSSL.

YAM will get an error from AmiSSL and refuse to work with the SSL connection to your email provider.

The nightly build of YAM, however, has an extra feature where it displays an error dialog in which you can choose to use this unvalidated SSL certificate anyway - and that has enabled me to fetch emails again from my provider. So try to use the nightly build as see if that works around the problem for you too.

_________________
Regards
Thomas Graff Thøger

 Status: Offline
Profile     Report this post  
Hypex 
Re: YAM 2.9p1 SSL error
Posted on 17-Apr-2015 15:58:48
#4 ]
Elite Member
Joined: 6-May-2007
Posts: 11180
From: Greensborough, Australia

Okay guys, so why did it work before "yesterday " ? I don't understand how AmiSSL would suddenly go out of date after a YAM update that was working days before. At least that'a how it looks.

 Status: Offline
Profile     Report this post  
Severin 
Re: YAM 2.9p1 SSL error
Posted on 17-Apr-2015 16:15:34
#5 ]
Elite Member
Joined: 18-Aug-2003
Posts: 2740
From: Gloucestershire UK

@Hypex

Probably because the older yam did not support the encryption method that is now failing (SSLv3) and only supported SSLv2 which the provider might support as a fall back.

You could try setting AmiSSLCheck to N in the .config file in the email drawer. no idea if it will do anything though.

_________________
OS4 Rocks
X1000 beta tester, Sam440 Flex (733)

Visit the Official OS4 Support Site for more help.

It may be that your sole purpose is to serve as a warning to others.

 Status: Offline
Profile     Report this post  
Serpi 
Re: YAM 2.9p1 SSL error
Posted on 18-Apr-2015 12:20:00
#6 ]
Cult Member
Joined: 31-Jul-2003
Posts: 547
From: Germany

@Severin

OK, setting AmiSSLCheck in .config just did nothing, it was always set back to "Y" at start.

My provider also needs SSL no unencryted connection is possible.

Is there any way to tell AmiSSL not to use SSLv3 for an app or at all?

I've also seen settings in the config file that might help:

POP00.SSLCert =
POP00.SSLCertFailures = 0

But i don't know what they are for.

And last but not least there's a file in resources/certificates with newer certificates in the YAM drawer, isn't this used?

For now I will try the nightly build...

Thanks & Ciao,
Alfred

 Status: Offline
Profile     Report this post  
Serpi 
Re: YAM 2.9p1 SSL error
Posted on 18-Apr-2015 13:02:09
#7 ]
Cult Member
Joined: 31-Jul-2003
Posts: 547
From: Germany

OK, tried the nighty build, didn't work.

Then I tried dieffernet stable releases, the last version that worked was 2.7 which I'm using now.

There's also a setting that says it uses SSLv3 so that seems not to be the problem.

Ciao, Alfred

 Status: Offline
Profile     Report this post  
number6 
Re: YAM 2.9p1 SSL error
Posted on 18-Apr-2015 13:39:17
#8 ]
Elite Member
Joined: 25-Mar-2005
Posts: 11540
From: In the village

@Serpi

Quote:
Then I tried dieffernet stable releases, the last version that worked was 2.7 which I'm using now.


Just a note so we can compare results.

V2.8 still working for me.

#6

_________________
This posting, in its entirety, represents solely the perspective of the author.
*Secrecy has served us so well*

 Status: Offline
Profile     Report this post  
Serpi 
Re: YAM 2.9p1 SSL error
Posted on 19-Apr-2015 11:45:12
#9 ]
Cult Member
Joined: 31-Jul-2003
Posts: 547
From: Germany

@number6

Quote:

Just a note so we can compare results.

V2.8 still working for me.

#6


Just tried V2.8 (again, I think) and got the error: "Couldn't initialize TLSv1/SSLv3 session with
host 'mx.freenet.de' of account ..."

I don't get the error with 2.7 or earlier but with every version from 2.8.

Thanks & Ciao,
Alfred

 Status: Offline
Profile     Report this post  
number6 
Re: YAM 2.9p1 SSL error
Posted on 19-Apr-2015 12:00:49
#10 ]
Elite Member
Joined: 25-Mar-2005
Posts: 11540
From: In the village

@Serpi

If you want to compare any settings in config, just ask.

In this case I am (see profile) using AmigaOS4.0 final, with YAM V2.8, in case that offers a clue as to the performance difference.

#6

_________________
This posting, in its entirety, represents solely the perspective of the author.
*Secrecy has served us so well*

 Status: Offline
Profile     Report this post  
number6 
Re: YAM 2.9p1 SSL error
Posted on 19-Apr-2015 18:52:36
#11 ]
Elite Member
Joined: 25-Mar-2005
Posts: 11540
From: In the village

@Serpi

Off-topic.

I'm still telling people about jpegoptim btw. I still don't think people realize that it's "the key" to getting all the older programs that do not use datatypes to load all the newer .jpg formats, without having to rewrite the programs or the loader modules as in the case of AdPro etc.

#6

Last edited by number6 on 19-Apr-2015 at 07:10 PM.

_________________
This posting, in its entirety, represents solely the perspective of the author.
*Secrecy has served us so well*

 Status: Offline
Profile     Report this post  

[ home ][ about us ][ privacy ] [ forums ][ classifieds ] [ links ][ news archive ] [ link to us ][ user account ]
Copyright (C) 2000 - 2019 Amigaworld.net.
Amigaworld.net was originally founded by David Doyle