poramboku
asked on
error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes
error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes
Can you try with IMAP? See https://support.google.com/mail/answer/7126229?hl=en
ASKER
nope, I did this already..
Here's the configuration I used to have, but it's a while ago that I used it:
Capture1.PNG
Capture2.PNG
Capture1.PNG
Capture2.PNG
Likely problem is SSL... There hasn't really been any SSL for past... well... many years...
All recent certs + connections will be TLS.
I don't use Outlook + most email clients have an option either to try SSL first + then TLS, or to force TLS.
If you set SSL, this means SSL2 or SSL3 + what you're really after is TLS... because...
Google does not support SSL2 + SSL3, because they're insecure + badly broken protocols.
All recent certs + connections will be TLS.
I don't use Outlook + most email clients have an option either to try SSL first + then TLS, or to force TLS.
If you set SSL, this means SSL2 or SSL3 + what you're really after is TLS... because...
Google does not support SSL2 + SSL3, because they're insecure + badly broken protocols.
ASKER
that's wired.. even today many open source products still use SSL 3 !!!
ASKER
so, you think there isn't a solution?
can we force notes client to use TLS?
can we force notes client to use TLS?
Interesting documents that may give you some clues (especially the "less secure clients" part):
https://www-01.ibm.com/support/docview.wss?uid=swg21998171
https://www.notesmail.com/home.nsf/tip20121227
https://www-01.ibm.com/support/docview.wss?uid=swg21998171
https://www.notesmail.com/home.nsf/tip20121227
If you use SSL2 or SSL3 you're just begging for problems.
There's a reason many companies like PayPal just switched (2018-06-29) to requiring TLSv1.2 as minimum security protocol they allow.
Gmail will not accept SSL2 or SSL3 connections.
I'd suggest you open a ticket with the organization providing you with Notes support + ask how to configure Notes to force TLSv1.2 so you're sure you're mail connections are accepted.
And the message you reference above...
error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes
Looks to be on a per Notes client basis, so I'm guessing where ever you setup your connection to pop.gmail.com you'll find a toggle switch for Force TLS somewhere.
Important: For this to work, you're first step is logging into the related gmail account + navigate to settings + manually enable POP.
If you don't have POP enabled, then you'll get a connection refused message all the time... which may simply mean POP in gmail is disabled + Notes is spewing a badly formed message.
Tip: Before mucking about with Notes, connect to your gmail account with an openssl client + test your gmail settings.
Way simpler to do initial debug with openssl, than a bloated tool like Notes. Use openssl + you'll get far more descriptive error messages.
There's a reason many companies like PayPal just switched (2018-06-29) to requiring TLSv1.2 as minimum security protocol they allow.
Gmail will not accept SSL2 or SSL3 connections.
I'd suggest you open a ticket with the organization providing you with Notes support + ask how to configure Notes to force TLSv1.2 so you're sure you're mail connections are accepted.
And the message you reference above...
error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes
Looks to be on a per Notes client basis, so I'm guessing where ever you setup your connection to pop.gmail.com you'll find a toggle switch for Force TLS somewhere.
Important: For this to work, you're first step is logging into the related gmail account + navigate to settings + manually enable POP.
If you don't have POP enabled, then you'll get a connection refused message all the time... which may simply mean POP in gmail is disabled + Notes is spewing a badly formed message.
Tip: Before mucking about with Notes, connect to your gmail account with an openssl client + test your gmail settings.
Way simpler to do initial debug with openssl, than a bloated tool like Notes. Use openssl + you'll get far more descriptive error messages.
Bloated? Why insult or disqualify the Asker?
@poramboku: can we see your Gmail setting in Notes?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I stand corrected, better use other tools to verify the connection step by step.
@porambuko: any progress?
ASKER
notes 9.,.x dont support, other product chosen
ASKER
trying to configure outlook for gmail