tboeckel
commented
8 years ago Originally on 2014-09-22 22:16:12 +0200
Please check if this is the same issue as described in #530.
Closed jens-maus closed 7 years ago
tboeckel
commented
8 years ago Originally on 2014-09-22 22:16:12 +0200
Please check if this is the same issue as described in #530.
jens-maus
commented
8 years ago Originally on 2014-09-23 09:24:45 +0200
In fact, my guess is that this SSL related problem is the same #559. So please run the debug version of YAM and before starting it use
setenv yamdebug netto catch a 'net' debug log. Then try to reproduce the problem again and please attach the debug log to this ticket so that we can investigate the issue. Most probably your provider switched to a new certificate type which requires functionality in AmiSSL which is currently not available and thus causes the above mentioned error. A workaround had already been added for this in the latest nightly builds so if the latest nightly builds are working for you then please continue using them and report it here.
jens-maus
commented
8 years ago Originally by JDuch@fulladsl.be on 2014-09-23 10:42:04 +0200
I guess you are right, strange is that all went Ok till a few days ago. with version 2.9p1
I asked the provider if they changed something but i got no answer to that question
I downloaded the 2.9p1 YAM debug version, set the env variable, but when starting the debug version up it tells me "this developer version of Yam has expired" Can you (I ?) disable this ?
I guess that you allready have the needed info for 2.10 and that you are after confirmation 2.9p1 has the same error? If yes i would be glad, if the error is indeed the same, that when the fix is found 2.9p1 would get that update too, as there is still some months wait for 2.10 stable.
jens-maus
commented
8 years ago Originally on 2014-09-23 10:47:57 +0200
Replying to JDuch@…:
First of all. Please make sure to login before posting anything here, otherwise all your comments will be routed for moderation!
I guess you are right, strange is that all went Ok till a few days ago. with version 2.9p1
I asked the provider if they changed something but i got no answer to that question
That's quite common since email providers mostly have very weak support. However, your provider very certainly changed their SSL certificate (they have to do that regularly) and mostly certainly they used a newer/stronger cipher/algorithm which the AmiSSL version you are currently using doesn't support. Thus we added some workaround in YAM to cover this problem and I am sure if you would test one of the latest nightly builds the problem would vanish.
I downloaded the 2.9p1 YAM debug version, set the env variable, but when starting the debug version up it tells me "this developer version of Yam has expired" Can you (I ?) disable this ?
Oh, it really shows this? Usually the official 2.9p1 debug version as found on the download page here should NEVER expire but be usable at all times. Please verify again that you downloaded the correct debug version and not an older nightly build of YAM 2.9p1.
I guess that you allready have the needed info for 2.10 and that you are after confirmation 2.9p1 has the same error? If yes i would be glad, if the error is indeed the same, that when the fix is found 2.9p1 would get that update too, as there is still some months wait for 2.10 stable.
YAM 2.9p1 will not be updated to a 2.9p2 version, but rather we would wait for YAM 2.10 to fix the problem as well. So if you are in urgent need to get the problem fixed please use a YAM 2.10 nightly build until the official 2.10 version had been released around christmas.
jens-maus
commented
8 years ago Originally by JDuch@fulladsl.be on 2014-09-23 17:31:27 +0200
I did use this one http://yam.ch/download/YAM%202.9p1/YAM29p1-AmigaOS4-debug.lha which is the correct one i think
YAM 2.9p1 will not be updated to a 2.9p2 version, but rather we would wait for YAM 2.10 to fix the problem as well
I'll try to use the webbrowser interface till then
jens-maus
commented
8 years ago Originally by JDuch@fulladsl.be on 2014-09-28 09:48:21 +0200
I did download the 2.10 dev debug version and reported my findings in the #530 ticket
Strangely i did not receive an e-mail confirmation , nor do i note a developer reaction
tboeckel
commented
8 years ago Originally on 2014-09-28 12:47:47 +0200
Replying to JosDuchIt:
Strangely i did not receive an e-mail confirmation , nor do i note a developer reaction
You did not add yourself as a subscriber. I just did that for you. And guess what, even developers have a life beyond computers including a wife and children or what ever you call a family. Sometimes it takes some days until we find the spare time to answer.
Now back to the original issue. It is definitely AmiSSL at fault here which is too old to handle the new certificates to which all providers switch recently. Although the certificates are perfectly valid AmiSSL still treats them as faulty. It seems YAM just needs a workaround for this AmiSSL bug to ignore these kinds of warning. Basically the download works, but YAM should not annoy the user with constant warnings about faulty certificates.
jens-maus
commented
8 years ago Originally by JDuch@fulladsl.be on 2014-09-30 09:29:45 +0200
Thanks for explaining Be assured i am fully aware and appreciate what it is to develop for the Amiga and maintaining family harmony.
I was just worried when i did not get an automatic response that developers would not have been noitified either. Of course thinking a bit more should have excluded that worry. Certainly no offense meant& thanks for your efforts
Originally by JDuch@fulladsl.be on 2014-09-22 19:01:59 +0200
Summary
When i hit the "get" button , since a few days i get the error message "Couldn't initialize TLSv1/SSL session with host pop.scarlet.be of account ..." With simplemail i still can download them
Steps to reproduce
1.hit the get button 2.
Expected results
Actual results
Regression
Notes