May 31, 2022

Failed to read beginning of SSL/TLS record – can be caused by External Firewall

If the problem is with Office365, such as with SendEmail to smtp.office365.com, port 587, then updating to Chilkat v9.5.0.93 or later will solve the problem. For example, if you see the following, then update to v9.5.0.93 or later. … ensureSmtpSession: ensureSmtpConnection: smtpParams: SmtpHost: smtp.office365.com SmtpPort: 587 SmtpUsername: … SmtpSsl: 0 StartTLS: 1 –smtpParams smtpConnect: smtpHostname: smtp.office365.com smtpPort: 587 connectionIsReady: SMTP […]

Errors 0 1 min read
October 2, 2019

HMRC Ending Support for TLS versions 1.0 and 1.1

Question: We use your system to submit to VAT returns to HMRC using Making Tax Digital. Does this TLS stuff mean anything to you?  The only reference I can see to it in the code is setting a TLS Boolean to true, which doesn’t specify a version? (This is a portion of the notice from HMRC) “Your application should now […]

Uncategorized 0 1 min read
September 20, 2019

Ftp2 AuthTls, AuthSsl, and Ssl Properties Clarified

Question: We are about using Chilkat C++ library for an FTPS connection.  I read on online documentation that there is method CkFtp2::put_AuthTls which allows setting TLS connection. Some questions about client behavior according to this method: if we don’t call this method, transmission is in clear text? Is it equivalent to CkFtp2::put_AuthTls(false)? If  we call this method with parameter true […]

Uncategorized 0 1 min read
September 12, 2019

TLS Connection Disrupted after Handshake Completes

The following error can be caused by firewall restrictions. I do not know the specifics of the firewall restrictions, but the TLS connection completes successfully in the prior call to Chilkat.Rest.Connect().    In other words, the TLS handshake completes successfully and then the firewall closes (or blocks) the connection.   ChilkatLog: FullRequestFormUrlEncoded: DllDate: Jul 24 2019 ChilkatVersion: 9.5.0.79 UnlockPrefix: Start […]

Uncategorized 0 39 sec read
May 6, 2014

v9.5.0.38 Micro Update: TrustedRoots Object/Class Added, and other various fixes

This new version includes the following updates/fixes: Added the TrustedRoots class to allow for programss to globally specify a specific set of trusted root CA certificates for PKCS7 certificate signature verification and for SSL/TLS server certificate trust. Added the RequireSslCertVerify property to Http, IMAP, Socket, and MHT. Added the CrcFile and CrcBytes methods to the Crypt2 API. Added a new […]

Uncategorized 0 54 sec read
April 24, 2014

v9.5.0.34 Micro Update: SSL/TLS Perfect Forward Secrecy, Minor HTTP and ASN.1 Fixes

The internal Chilkat SSL/TLS implementation now supports the TLS_DHE_RSA_WITH_AES_256_CBC_SHA and TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher suites. These allow for perfect forward secrecy. Note: This is implemented on the client-side for all protocols using SSL/TLS. The SSL/TLS client provides the server with a list of algorithms it supports, and it is the server that decides which is to be used. These new algorithms are […]

Uncategorized 0 54 sec read
January 24, 2012

(FTPS) 530 No client certificate presented.

If this FTP server response is seen in the LastErrorText, it means that the SSL/TLS connection requires a client-side certificate with private key.   Prior to connecting, the client-side certificate should be specified by calling the SetSslClientCert, or SetSslClientCertPfx.  Make sure to check the return value of these methods for success/failure.  If the SetSslClientCert* method fails, then no client-side certificate has […]

Uncategorized 0 43 sec read
December 15, 2009

SSL/TLS Error – SEC_E_INTERNAL_ERROR

Problem: An SSL/TLS connection failed and the LastErrorText contains “SEC_E_INTERNAL_ERROR”, such as in the error text below: (See cause solution below) ChilkatLog: Connect: DllDate: Dec 4 2009 UnlockPrefix: **** Username: **** Component: .NET 2.0 objectId: 1 hostname: *.*.*.* port: 443 ssl: 1 maxWaitMs: 20000 windowsAccount: **** ClientCertDN: **** protocol: default An existing connection was forcibly closed by the remote host. […]

Uncategorized 0 1 min read
May 30, 2008

Port 465 is Normally the Implicit SSL SMTP Port, but not always…

If you open a DOS prompt and telnet to an SMTP server (typically port 25 for non-SSL, port 465 for SSL), you should get a human-readable printable-text “HELLO” message from the non-SSL port, but binary SSL-handshake protocol gobbly-gook from an implicit SSL port. For example: > telnet mail.chilkatsoft.com 25 220 mail.chilkatsoft.com ESMTP MailEnable Service, Version: 0-1.85- ready at 05/30/08 08:04:19 […]

Uncategorized 0 57 sec read

Tags

ActiveX asp async asynchronous C# callbacks charset Delphi email Encryption error messages events exchange server FTP GMail HTTP IMAP IOS Java Linking MHT MIME oauth2 Office365 pfx PHP pop3 port-forwarding regsvr32 release notes RSA SFTP SMTP socket SSH SSL TLS tunnel upload vb6 VC++ x64 xades XML zip