[Pkg-openssl-devel] Bug#706423: [openssl.org #3072] Strange behaviour when talking to microsoft exchange
Robert Mueller
robm at fastmail.fm
Tue Jul 30 02:16:37 UTC 2013
I'd like to confirm this bug as well and try and get it prioritised.
It's a major PITA that connections to live.com (and also many exchange
servers) are failing unless you provide specific SSL override options.
$ openssl s_client -connect smtp.live.com:587 -starttls smtp -tls1_2
-crlf
CONNECTED(00000003)
46912496296712:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:337:
...
$ openssl s_client -connect smtp.live.com:587 -starttls smtp -tls1_1
-crlf
CONNECTED(00000003)
46912496296712:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:337:
...
$ openssl s_client -connect smtp.live.com:587 -starttls smtp -tls1 -crlf
CONNECTED(00000003)
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization
Validation CA - G2
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=Washington/L=Redmond/O=Microsoft
Corporation/CN=smtp.live.com
i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA -
G2
1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA -
G2
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
...
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID:
FD0100005E745018FFA58423A154B06801F16835D6A266306ACFB7D79DBB2E58
Session-ID-ctx:
Master-Key:
C8851558B2E2D6B0165CEDD67F2FA2D02CD8DF49C206A1C1B14EAA3FE538A3FA101ACB7B71EFDB8A8CBB7F09CFD6C8B4
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1375150491
Timeout : 7200 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
250 OK
--
Rob Mueller
robm at fastmail.fm
More information about the Pkg-openssl-devel
mailing list