We're using Mandrill to send emails and also to receive email that we parse. When setting up the inbound processing route and using an HTTP route, everything works fine. When we try to put a route using HTTPS we get the following error message:
HEAD to https://example.com/api/v1/messages/ failed: Unknown SSL
protocol error in connection to example.com:443
Is there a specific SSL protocol that is required for Mandrill?
We just figured it out. We did have TLSv1.2 enabled already but looks like it requires a lower version. We enabled TLSv1.1 and TLSv1.0 and it worked.
According to this blog post, SSLv3 is of course not supported, but most versions of TLS should work. Seeing support for up to TLSv1.2 in my own tests.
Related
I have encountered the below error while executing the pub.client:soapHTTP service that is available in WmPublic.
java.io.IOException: said.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure
On further investigation, I found that TLSv1.2 is being used by the partner server and I believe wM 6.5 only supports TLS v1.0. This might be a TLS version issue.
I am using webMethods 6.5.
Trusted Certificates > CA Certificate Directory is unspecified and watt.security.cert.wmChainVerifier.trustByDefault is set as TRUE for my server. Therefore, all CAs should be trusted.
Is there any way to make this work as upgrading wM is not an option, unfortunately?
I found this page (link PFB) where there is a section called TLS/SSL Handshake Issues & Debugging. There my handshake issue is mentioned and as a solution, it said:
handshake failed as Integration Server using Entrust IAIK connects to a TLS 1.2 enabled server. In this case, change from IAIK to JSSE option and set "watt.net.jsse.client.enabledProtocols=TLSv1.2"
I tried the above way but it did not work and yes, I restarted the server after changing the configuration.
Moreover, it also stated that
For outbound SSL connection (i.e. Integration Server is acting as SSL client), the following watt properties control the protocol version and ciphersuites:
IAIK:watt.net.ssl.client.handshake.minVersion,watt.net.ssl.client.handshake.maxVersion, watt.net.ssl.client.strongcipheronly,watt.net.ssl.client.cipherSuiteList
JSSE:watt.net.jsse.client.enabledProtocols,watt.net.jsse.client.enabledCipherSuiteList.
But I don't have any of those parameters configured in server.cnf and even if I had to I don't know what values I should configure them with. I'd like some help with those if it'll help with the situation.
https://techcommunity.softwareag.com/pwiki/-/wiki/Main/Debugging%20TLS%20SSL%20connections%20in%20Integration%20Server
try to set in extended settings
watt.net.ssl.client.useJSSE=true
i dont know the old version but it could be that the useJsse parameter that normally is set on the .http and .soapClient service is just taken from the default properties
I Have a Spray Scala project. I am doing HTTPS connection with Self Signed Certificate (.jks) to this project through REST call. I referred this link Configuration issue for Spray https server with self-signed certificate? to configure spray to https server. so when i run my project it reads .jks certificates but when i fire request it gives following error :
Aborting encrypted connection to /192.168.1.3:46346 due to [SSLException:Unrecognized SSL message, plaintext connection?]
I found the answer. so when i configured spray to HTTPS it cant accept the HTTP requests it accepts only HTTPS requests.
We procured standard ssl certificate to mydomain.net from godadday.
We shutdown live server mydomain.com, configured new server mydomain.net with ssl, everything works fine.
We have added redirect records in DNS for mydomain.com to mydomain.net
www.mydomain.com redirecting properly to www.mydomain.net
We are experiencing a issue, when any request to https //www.mydomain.com
redirection happening but with untrusted certificate error message.
www.mydomain.com uses an invalid certificate.
The certificate is valid for the following names:
www.mydomain.net , mydomain.net
(Error code: ssl_error_bad_cert_domain)
Godaddy india support not able to resolve the issue, escalated to US support no update from US support.
Please suggest me how to resolve this issue?
Thanks,
ItsR
Redirection inside a HTTPS connection from domain A to domain B needs a proper certificate for domain A too, which does not seem to be in your case. This is because the redirection happens inside the TLS connection, i.e. the TLS connection needs to be established first which needs the proper certificate.
I am using google apps for email. I can send email out through c# code fine with smtp.gmail.com.
I would like to be able to use the name smtp.mydomain.com instead, but still have it go to smtp.gmail.com. I tried just seeing a CNAME in my DNS settings, but I get this error:
"The remote certificate is invalid according to the validation procedure."
Any ideas?
Thanks.
Yes, you can't, the TLS certificate used to communicate privately with the remote SMTP server is signed with smtp.gmail.com. The only solution is to create a SMTP relay with sendmail for example on your own server.
How to send emails in Visual Basic 6 with SSL option enabled?
You could use the webdav protocol to send the email via an IXMLHTTPRequest. An example showing how to do this can be found here.
To send via a server that has an SSL certificate just remember to include the https:// at the beginning of the URL.