Silverado Consulting Inc ~ Stuart's Technical Blog

Technology is wonderful...when it works

Recent Articles


VirtualBox 4.1 with Windows
7 Guest

February 2, 2012

Poor ICH9 chipset and DirectX graphical support


Norton Error 5022,2

October 28, 2011

Errors caused by the limit on the number of network filters


Recommended

More recommendations

CommunigatePro 5.4 TLS Failure

Failed to accept a secure connection


In Stalker Software's CommunigatePro Email server version 5.4, certain remote email servers will disconnect after requesting a secure TLS connection.  Resilient servers (bloomberg.net) will retry without the secure connection.  Non-resilient servers (schwab.com) will not; they will keep retrying to establish a secure connection.  The SMTPI log will show:

The problem is that the CommunigatePro server version 5.4 does not advertise support for certain TLS extensions which certain older OpenSSL libraries require.  The TLS negotiation fails, and the remote server disconnects

To fix the problem (Windows):

To verify that the server started with the extra parameters, look in the CommunigatePro log.  You should see:
  SYSTEM start options: "--Base" "C:\\CommuniGate Files" "--TLSServerHelloExtensions" "NO"

Windows 2000 Service Startup Parameters


In Windows 2000, the startup parameters may not "stick" in the service dialog box.  To verify that they are there, you can look in the Registry.  For the above example, the Registry key is:

HKEY_LOCAL_MACHINE :: SOFTWARE :: Stalker :: CommunigatePro

Parameters: REG_MULTI_SZ:--TLSServerHelloExtensions NO