[openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Tue Apr 25 21:03:12 UTC 2017

      > Thank you!  So it is the *client* that breaks the connection,
      > and it is unhappy either about MiTM, or the encoding. I will
      > check for both (though not much I can do about either).
 	Presumably you've added that cert to some trust store on the system in question.

Yes I did (though reluctantly :).
    The support staff for the product should be able to tell you how to configure
    trusted TLS CAs, if these are configurable.

Yes, I’m bringing this to them, in hope that they’d resolve it.
    If the product is not using OpenSSL, this question really is off topic for
    this list.  If it is using OpenSSL, there may be some place where it looks
    for its CAfile or some CApath directory.

Frankly, I don’t know – to me it’s an executable black-box. I’ll try to dig. But I think you’ve provided me with all I need to point our support at the root cause.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5211 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170425/84e46109/attachment.bin>

More information about the openssl-users mailing list