Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

After update to 38.1.0 I get - ssl_error_handshake_unexpected_alert

  • 7 답장
  • 2 이 문제를 만남
  • 1 보기
  • 최종 답변자: christ1

more options

Server uses these settings for POP3: port 995 Connection Security: SSL/TLS Authentication method: Normal password

After the updt to 38.1.0 it's just freez with "Connected to mail.serv.xxx". In Error Console I can see like something about handshaking and this: ssl_error_handshake_unexpected_alert

On another PC I have now TB 31.2.0 and all the same (mail server and settings) - no such problems.

So now I can check my mail only without "Connection Security" and at port 110.

Please stop doing it :( New update - new problems :(

Server uses these settings for POP3: port 995 Connection Security: SSL/TLS Authentication method: Normal password After the updt to 38.1.0 it's just freez with "Connected to mail.serv.xxx". In Error Console I can see like something about handshaking and this: ssl_error_handshake_unexpected_alert On another PC I have now TB 31.2.0 and all the same (mail server and settings) - no such problems. So now I can check my mail only without "Connection Security" and at port 110. Please stop doing it :( New update - new problems :(

글쓴이 booya 수정일시

선택된 해결법

I have to set security.tls.version.fallback-limit = 1

That would allow Thunderbird an insecure fallback to TLS version 1.1 or 1.0, which wouldn't be allowed by default. See https://support.mozilla.org/en-US/questions/1051530

I think my provider will not change anything about it and I will find another one

Finding a new provider sounds like a good idea.

server does not support RFC 5746, see CVE-2009-3555

See https://wiki.mozilla.org/Security:Renegotiation

문맥에 따라 이 답변을 읽어주세요 👍 1

모든 댓글 (7)

more options
more options

christ1 said

Can you post a screenshot of the error? http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem

Sure, but I have a russian ver. of Thunderbird. Sorry.

So when I'm not using any SSL-coonection (first part of a screenshot), TB can check mail and error log is clean. But with SSL (second part), log says about an error during connection to a server and:

SSL peer was not expecting a handshake message it received. (Error code: ssl_error_handshake_unexpected_alert)

Thank you!

글쓴이 booya 수정일시

more options
more options

Thank you for the answer and for the links.

So how can I solve the problem?

Now I have 38.3.0 and on another PC still 31.2.0. So I'm still using PO3 at 110 port without any SSL and on 31.2.0 I can use port 995 and SSL/TLS. Mail server is the same.

글쓴이 booya 수정일시

more options

You should talk to your email provider. My best guess is their server configuration is screwed. Or find a new provider where you can use SSL/TLS properly.

more options

My email privider answered me:

I have to set security.tls.version.fallback-limit = 1

I did it and it works, but now I have to press F5 (to check mail) twice.

I think my provider will not change anything about it and I will find another one, but my friend have 2000 visiting cards with with buggy provider...

I have another question - I've registered mail server at another provider (it's mine domainm, but mail server not) and now I can see:

server does not support RFC 5746, see CVE-2009-3555

when sending messages (SSL/TLS, 465 port, Normal Password). Is that bad?

Is it better anyway than my previous provider? At least it's mine domain and I can change provider when I want.

Thank you!

글쓴이 booya 수정일시

more options

선택된 해결법

I have to set security.tls.version.fallback-limit = 1

That would allow Thunderbird an insecure fallback to TLS version 1.1 or 1.0, which wouldn't be allowed by default. See https://support.mozilla.org/en-US/questions/1051530

I think my provider will not change anything about it and I will find another one

Finding a new provider sounds like a good idea.

server does not support RFC 5746, see CVE-2009-3555

See https://wiki.mozilla.org/Security:Renegotiation