-
-
-
32. Re: JBoss Mail Server Performance and Throughput
Andrew,
barely, slightly off subject, but still regarding testing mail servers...
ug, telnetting into ssl ports on the mail server, obviously did not work, i could see they were active, but obviously, no handshake is happening, so it just kinda sits there, so then...
Yeah, found an example of how to use openssl to connect to webserver, and sho nough', it connected to the mail server
I figured out that the commands didnt need to be base64'd, but user and password did, after I finally figured out how to correctly do the login(that took awhile, and almost gave up)
it allows me to enter the
MAIL FROM:<me@mail.blah.com>
but when I enter
RCPT TO:<him@mail.blah.com>
i get this erred output...RENEGOTIATING depth=0 /C=US/ST=AZ/L=blah/O=blah/OU=blah Corp./CN=blah.Com verify error:num=18:self signed certificate verify return:1 depth=0 /C=US/ST=AZ/L=blah/O=Corporate/OU=blahCorp./CN=blah.Com verify return:1 closed
i tried installing what I thought was the CA certificate, that I exported from the jbmail.store, but it's rejecting the certificate with this error...
$ openssl verify certs jbmail.cerunable to load certificate 316:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecti ng: TRUSTED CERTIFICATE unable to load certificate 316:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecti ng: TRUSTED CERTIFICATE
so, should I be installing the jbmail.store exported cert, or the exported cert from mailservice.keystore?
any help, would be greatly appreciated -
33. Re: JBoss Mail Server Performance and Throughput
IIrc, there have been stunnel and stelnet in the past to talk to ssl-servers.
-
34. Re: JBoss Mail Server Performance and Throughput
thats over my head. You probably would get a better response if you started such as new topics rather than appending to an exsting one. Some folks scan topics for areas of their expertise where they can help.
-
35. Re: JBoss Mail Server Performance and Throughput
"gohip@ichibancomputers.com" wrote:
Andrew,
but when I enter
RCPT TO:<him@mail.blah.com>
i get this erred output...RENEGOTIATING depth=0 /C=US/ST=AZ/L=blah/O=blah/OU=blah Corp./CN=blah.Com verify error:num=18:self signed certificate verify return:1 depth=0 /C=US/ST=AZ/L=blah/O=Corporate/OU=blahCorp./CN=blah.Com verify return:1 closed
Are you using s_client? Don't pass -verify as an argument and it shouldn't verify. Otherwise you have to configure openssl to trust this certificate.
i tried installing what I thought was the CA certificate, that I exported from the jbmail.store, but it's rejecting the certificate with this error...
$ openssl verify certs jbmail.cerunable to load certificate 316:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecti ng: TRUSTED CERTIFICATE unable to load certificate 316:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecti ng: TRUSTED CERTIFICATE
This error means that the cert is not in PEM format. When you export your cert with keytool, add a -rfc argument. The cert should be human readable text.
-Jason -
36. Re: JBoss Mail Server Performance and Throughput
Thanks Man!
And hey, we have same initials!
I was doing openssl as this...
openssl s_client -starttls smtp -connect XXX.XXX.XXX.XXX:25
i also did
openssl s_client -ssl2/3 -connect XXX.XXX.XXX.XXX:25
i tried throwing in the verify flag, and setting it to o or 1, but had no idea what it's expected value was supposed to be.
PEM format, damnit. I opened the exported cert in notepad, and your right it was in some binary encoding, human readable, you mean base64 encoded, i.e. begin cert, then base64 or encryption, then end certificate?
I'll try exporting the cert, in a different format as you stated
thanks again for info! -
37. Re: JBoss Mail Server Performance and Throughput
it no longer states those errors, it prints out the cert details, then states error xxx, self signed cert
damn, signing such a pain, i go through this all time with mobile devices, and ssl webs
do i have to setup the openssl on windows in anyway, i have a the env var for the config file
it runs from command prompt, i.e. path seems right
it had ../bin/pem/democert
and ../bin/pem/democert/private
but in democert, i had to create
certs, crl, etc. Did I miss a step while installing, as I did the install awhile back...
