Link to home
Start Free TrialLog in
Avatar of poramboku
poramboku

asked on

error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes

error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes
Avatar of poramboku
poramboku

ASKER

notes 8.5 or notes 9
trying to configure outlook for gmail
Avatar of Sjef Bosman
nope, I did this already..
Here's the configuration I used to have, but it's a while ago that I used it:
Capture1.PNG
Capture2.PNG
Likely problem is SSL... There hasn't really been any SSL for past... well... many years...

All recent certs + connections will be TLS.

I don't use Outlook + most email clients have an option either to try SSL first + then TLS, or to force TLS.

If you set SSL, this means SSL2 or SSL3 + what you're really after is TLS... because...

Google does not support SSL2 + SSL3, because they're insecure + badly broken protocols.
that's wired.. even today many open source products still use SSL 3 !!!
so, you think there isn't a solution?
can we force notes client to use TLS?
Interesting documents that may give you some clues (especially the "less secure clients" part):
https://www-01.ibm.com/support/docview.wss?uid=swg21998171
https://www.notesmail.com/home.nsf/tip20121227
If you use SSL2 or SSL3 you're just begging for problems.

There's a reason many companies like PayPal just switched (2018-06-29) to requiring TLSv1.2 as minimum security protocol they allow.

Gmail will not accept SSL2 or SSL3 connections.

I'd suggest you open a ticket with the organization providing you with Notes support + ask how to configure Notes to force TLSv1.2 so you're sure you're mail connections are accepted.

And the message you reference above...

error logging into pop.gmail.com: SSL bad peer certificate. Connection refused in lotus notes

Looks to be on a per Notes client basis, so I'm guessing where ever you setup your connection to pop.gmail.com you'll find a toggle switch for Force TLS somewhere.

Important: For this to work, you're first step is logging into the related gmail account + navigate to settings + manually enable POP.

If you don't have POP enabled, then you'll get a connection refused message all the time... which may simply mean POP in gmail is disabled + Notes is spewing a badly formed message.

Tip: Before mucking about with Notes, connect to your gmail account with an openssl client + test your gmail settings.

Way simpler to do initial debug with openssl, than a bloated tool like Notes. Use openssl + you'll get far more descriptive error messages.
Bloated? Why insult or disqualify the Asker?
@poramboku: can we see your Gmail setting in Notes?
ASKER CERTIFIED SOLUTION
Avatar of David Favor
David Favor
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I stand corrected, better use other tools to verify the connection step by step.
@porambuko: any progress?
notes 9.,.x dont support, other product chosen