This contains a new QCSSL.dll for you to try. This is
functionally identical to the previous version except that it does no
logging at all. I am concerned that your problem could be due to
the logging process affecting the timing of the TLS handshake. If
this does not prove to be the case then I will continue the
investigation.
Thank you for your patience with this.
Pete
At 03:00 PM 3/2/2022, B. Beor wrote:
Hi Pete, Thanks so much for
continuing to look at this. Two pieces of information that may be of
interest from my situation:
It appears that the QCSSL.dll file does play a role in the error I'm
getting. If I revert back to a non-patched QCSSL (like the original one I
have from 2005) I do not get the incoming mail certificate errors (but of
course I get the outgoing TLSv 1.0 errors that the patch fixed).
The usercerts.p7b is appropriately getting updated as I add new
certificates to 'trusted' when the popup asks me to.
On a related note, I confirmed that the results are the same (i.e.
usercerts.p7b getting updated) if the certificate is added to the trusted
list either by way of the popup box ("SSL server rejected" /
"Do you want to trust this certificate in future sessions") or
by going to Properties/Last SSL information, finding the skull and
crossbones, and clicking Add to Trusted.
One interesting thing is that in the Last SSL info on a failed attempt,
the negotiation status shows as failed, yet the notes say "cert
chain not trusted/cert bad destination host name does not match" but
ALSO says "But ignoring this error because Certificate is
trusted". In other words, it seems to know that the certificate has
been added to trusted, but still rejects it and the Certificate
Information Manager shows the skull and crossbones.
I've sent a request to join the listgroup to try to find the post by
Katrina you referenced. Many thanks.
<x-tab> </x-tab> https://www.maclean.com/downloads/BB.zip
This contains a new QCSSL.dll for you to try. This is functionally identical to the previous version except that it does no logging at all. I am concerned that your problem could be due to the logging process affecting the timing of the TLS handshake. If this does not prove to be the case then I will continue the investigation.
Thank you for your patience with this.
Pete
At 03:00 PM 3/2/2022, B. Beor wrote: