Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 3423 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with TLS and email reception.

Casey Johnson

Hello,

I am having problems with receiving email from some systems.  The error they get is:

Error negotiating TLS: tls: failed to parse certificate from server: asn1: time did not serialize back to the original value and may be invalid:

 

I am on the most recent firmware for the UTM, and can't find a way to fix this.  Is anyone else receiving this? Or have a fix for this?

 

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    I have not seen this error.  Whenever there is a time issue, I would begin by verifying that both systems have correct clock time.   

    Since the error is on the other end, and the complaint is about the server, it sounds like your server certificate is the problem.   This would be confirmed if the problem occurs when they are sending messages to you, since the sender initiates the connection and is therefore the client to the TLS negotiation.

    A quick web search suggests that it is an error being returned by the OpenSSL layer.    Suggest you open a Support case.

    Are you using a commercial certificate for STMP TLS, or one that UTM generated for itself?  If self-generated, it may be useful to regenerate, since it seems to think the certificate is invalid. Doing so will probably have side effects in other functions that you will need to track down.

     

Reply
  • 0

    I have not seen this error.  Whenever there is a time issue, I would begin by verifying that both systems have correct clock time.   

    Since the error is on the other end, and the complaint is about the server, it sounds like your server certificate is the problem.   This would be confirmed if the problem occurs when they are sending messages to you, since the sender initiates the connection and is therefore the client to the TLS negotiation.

    A quick web search suggests that it is an error being returned by the OpenSSL layer.    Suggest you open a Support case.

    Are you using a commercial certificate for STMP TLS, or one that UTM generated for itself?  If self-generated, it may be useful to regenerate, since it seems to think the certificate is invalid. Doing so will probably have side effects in other functions that you will need to track down.

     

Children
No Data
Unfiltered HTML