[openssl-users] Unable to STARTTLS behind a specific network
fuckspam at wheres5.com
Thu Dec 22 10:30:12 UTC 2016
First post here, I would like to know how it's possible to debug a
certain problem I have.
Behind a specific network, I'm unable to bootstrap a STARTTLS session on
an SMTP server. Usually, it works flawlessly.
So my request for help is not to try to change anything in the
configuration (I'm not in charge of this network) but to confirm that
there is a "problem" in between on that network that prevents the
transaction from being conducted.
So what I do is:
$ openssl s_client -starttls smtp -crlf -connect newdude.radiom.fr:5000
No problem, I can communicate with the SMTP server after the STARTTLS.
But behind that specific network, if I run the same command, all I get is:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 351 bytes and written 147 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
When I compare two tcpdumps, I can clearly see that a lot of data is
missing, the transaction is not complete.
Before being paranoid, I simply suspect a MTU problem, but I'm not sure
how this would only apply to SSL transactions.
Should I provide tcpdumps or anything else?
Thank you!
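Added example (not part of the original post): one way to locate the stage at which the upgrade breaks is to run the plaintext SMTP stage by hand and then attempt the TLS handshake, so that a missing STARTTLS capability, a refused command, and a handshake that stalls or aborts are reported separately. The function names, the EHLO name probe.example and the 10-second timeout are assumptions of this example.

```python
import socket, ssl, sys

def read_reply(sock):
    """Read one SMTP reply; its last line has a space after the 3-digit code."""
    buf = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            break
        buf += chunk
        lines = buf.decode("latin-1").splitlines()
        if buf.endswith(b"\n") and lines[-1][3:4] != "-":
            break
    return buf.decode("latin-1").splitlines()

def classify(ehlo, starttls, error):
    """Name the stage that failed (error: handshake exception or None)."""
    if not any(l[4:].strip().upper() == "STARTTLS" for l in ehlo):
        return "ehlo: STARTTLS not advertised on this path"
    if not starttls or not starttls[-1].startswith("220"):
        return "starttls: command not accepted"
    if error is None:
        return "ok: TLS handshake completed"
    if isinstance(error, ssl.SSLCertVerificationError):
        return "verify: certificate arrived but did not validate"
    if isinstance(error, socket.timeout):
        return "handshake: stalled, no complete server flight"
    return "handshake: aborted (%s)" % type(error).__name__

def probe(host, port, timeout=10):
    """Run the plaintext stage by hand, then attempt the TLS handshake."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        read_reply(s)                         # 220 greeting banner
        s.sendall(b"EHLO probe.example\r\n")  # assumed client name
        ehlo = read_reply(s)
        s.sendall(b"STARTTLS\r\n")
        reply = read_reply(s)
        error = None
        if reply and reply[-1].startswith("220"):
            try:
                ssl.create_default_context().wrap_socket(
                    s, server_hostname=host).close()
            except (ssl.SSLError, OSError) as exc:
                error = exc
        return classify(ehlo, reply, error)

if __name__ == "__main__":
    print(probe(sys.argv[1], int(sys.argv[2])))
```

Saved under a name of your choice and run with the host and port from the s_client command above, once from each network, it prints the stage to compare against the two tcpdumps.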