Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.sys.acorn.networking > #5350 > unrolled thread

What does the error message mean?

Started byDnews <dnews@triffid.co.uk>
First post2026-06-05 18:49 +0100
Last post2026-06-06 15:45 +0100
Articles 9 — 4 participants

Back to article view | Back to comp.sys.acorn.networking


Contents

  What does the error message mean? Dnews <dnews@triffid.co.uk> - 2026-06-05 18:49 +0100
    Re: What does the error message mean? Bob Latham <bob@sick-of-spam.invalid> - 2026-06-05 19:19 +0100
      What does the error message mean? Dnews <dnews@triffid.co.uk> - 2026-06-05 20:32 +0100
        Re: What does the error message mean? Bob Latham <bob@sick-of-spam.invalid> - 2026-06-05 20:42 +0100
          Re: What does the error message mean? Martin <News04@avisoft.f9.co.uk> - 2026-06-05 21:01 +0100
            Re: What does the error message mean? Bob Latham <bob@sick-of-spam.invalid> - 2026-06-06 11:22 +0100
              Re: What does the error message mean? Martin <News04@avisoft.f9.co.uk> - 2026-06-06 12:47 +0100
      Re: What does the error message mean? Doug Webb <doug.j.webb@btinternet.com> - 2026-06-06 14:23 +0100
        Re: What does the error message mean? Dnews <dnews@triffid.co.uk> - 2026-06-06 15:45 +0100

#5350 — What does the error message mean?

FromDnews <dnews@triffid.co.uk>
Date2026-06-05 18:49 +0100
SubjectWhat does the error message mean?
Message-ID<5ce44a2042dnews@triffid.co.uk>
Please!
Suddenly today I'm getting an error message when Hermes tries to login to
Google to post or retrieve mail.

I've done a grab of the error pane and put it upline at...

https://www.triffid.co.uk/dstuff/GError.jpg

I have no idea why?

Thanks
Dave

[toc] | [next] | [standalone]


#5351

FromBob Latham <bob@sick-of-spam.invalid>
Date2026-06-05 19:19 +0100
Message-ID<5ce44ce34abob@sick-of-spam.invalid>
In reply to#5350
In article <5ce44a2042dnews@triffid.co.uk>,
   Dnews <dnews@triffid.co.uk> wrote:
> Please!
> Suddenly today I'm getting an error message when Hermes tries to login to
> Google to post or retrieve mail.

> I've done a grab of the error pane and put it upline at...

> https://www.triffid.co.uk/dstuff/GError.jpg

> I have no idea why?

I'm not alone then.

I think you need one or two security files updating, specifically

HardDisc4.!Boot.Resources.!Internet.files.CertData

and 

HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL


These are available from the nightly builds here..
https://www.riscosopen.org/content/downloads/common

Or direct from here..

https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip

Cheers,

Bob.

[toc] | [prev] | [next] | [standalone]


#5352

FromDnews <dnews@triffid.co.uk>
Date2026-06-05 20:32 +0100
Message-ID<5ce4539d59dnews@triffid.co.uk>
In reply to#5351
In article <5ce44ce34abob@sick-of-spam.invalid>,
   Bob Latham <bob@sick-of-spam.invalid> wrote:
> In article <5ce44a2042dnews@triffid.co.uk>,
>    Dnews <dnews@triffid.co.uk> wrote:
> > Please! Suddenly today I'm getting an error message when Hermes tries
> > to login to Google to post or retrieve mail.

> > I've done a grab of the error pane and put it upline at...

> > https://www.triffid.co.uk/dstuff/GError.jpg

> > I have no idea why?

> I'm not alone then.

> I think you need one or two security files updating, specifically

> HardDisc4.!Boot.Resources.!Internet.files.CertData

> and 

> HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL


I have the above, and earlier today I updated the CertData.
Recently I  did it again and the message was. "CertData is already up to
date.

My AcornSSL 1.07 28th March 2025, I've now installed 1.09 23 May 2026.

Unfortunately the problem remains.  (Yes I have rebooted RISC OS after
changing the SSL to 1.09).

> These are available from the nightly builds here..
> https://www.riscosopen.org/content/downloads/common

> Or direct from here..

> https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip

> Cheers,
> Bob.

Thanks for the thoughts Bob, appreciated.
Dave

[toc] | [prev] | [next] | [standalone]


#5353

FromBob Latham <bob@sick-of-spam.invalid>
Date2026-06-05 20:42 +0100
Message-ID<5ce45483bdbob@sick-of-spam.invalid>
In reply to#5352
In article <5ce4539d59dnews@triffid.co.uk>,
   Dnews <dnews@triffid.co.uk> wrote:
> In article <5ce44ce34abob@sick-of-spam.invalid>,
>    Bob Latham <bob@sick-of-spam.invalid> wrote:
> > In article <5ce44a2042dnews@triffid.co.uk>,
> >    Dnews <dnews@triffid.co.uk> wrote:
> > > Please! Suddenly today I'm getting an error message when Hermes tries
> > > to login to Google to post or retrieve mail.

> > > I've done a grab of the error pane and put it upline at...

> > > https://www.triffid.co.uk/dstuff/GError.jpg

> > > I have no idea why?

> > I'm not alone then.

> > I think you need one or two security files updating, specifically

> > HardDisc4.!Boot.Resources.!Internet.files.CertData

> > and 

> > HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL


> I have the above, and earlier today I updated the CertData.
> Recently I  did it again and the message was. "CertData is already
> up to date.

> My AcornSSL 1.07 28th March 2025, I've now installed 1.09 23 May
> 2026.

> Unfortunately the problem remains.  (Yes I have rebooted RISC OS
> after changing the SSL to 1.09).

> > These are available from the nightly builds here..
> > https://www.riscosopen.org/content/downloads/common

> > Or direct from here..

> > https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip

Since I posted that info I found that I could no longer access Virgin
email accounts. I thought the SSL module the likely culprit and
dropped back to 1.07 28 Mar 2025. I now have access again so I
suspect that 1.09 module is 'bost' as we say in the Black Country.

No idea how to report that.

However, for whatever reason, certificate error (same as yours) has
stopped (for now).

Bob.

[toc] | [prev] | [next] | [standalone]


#5354

FromMartin <News04@avisoft.f9.co.uk>
Date2026-06-05 21:01 +0100
Message-ID<5ce456364eNews04@avisoft.f9.co.uk>
In reply to#5353
In article <5ce45483bdbob@sick-of-spam.invalid>,
   Bob Latham <bob@sick-of-spam.invalid> wrote:
> Since I posted that info I found that I could no longer access
> Virgin email accounts. I thought the SSL module the likely culprit
> and dropped back to 1.07 28 Mar 2025. I now have access again so I
> suspect that 1.09 module is 'bost' as we say in the Black Country.

> No idea how to report that.

I would suggest raising it on the ROOL forums - much more likely to be
noticed by those who know about these things than here.

I am using AcoenSSL 1.09 (23 May 2026) mbedTLS 3.6.6 here without
problem, but I do not use Google or Virgin email

-- 
Martin Avison 
Note that unfortunately this email address will become invalid
without notice if (when) any spam is received. 

[toc] | [prev] | [next] | [standalone]


#5355

FromBob Latham <bob@sick-of-spam.invalid>
Date2026-06-06 11:22 +0100
Message-ID<5ce4a511cabob@sick-of-spam.invalid>
In reply to#5354
In article <5ce456364eNews04@avisoft.f9.co.uk>,
   Martin <News04@avisoft.f9.co.uk> wrote:

> I would suggest raising it on the ROOL forums - much more likely to
> be noticed by those who know about these things than here.

I have attempted to do that.

Bob.

[toc] | [prev] | [next] | [standalone]


#5356

FromMartin <News04@avisoft.f9.co.uk>
Date2026-06-06 12:47 +0100
Message-ID<5ce4ace648News04@avisoft.f9.co.uk>
In reply to#5355
In article <5ce4a511cabob@sick-of-spam.invalid>,
   Bob Latham <bob@sick-of-spam.invalid> wrote:
> In article <5ce456364eNews04@avisoft.f9.co.uk>,
>    Martin <News04@avisoft.f9.co.uk> wrote:

> > I would suggest raising it on the ROOL forums - much more likely
> > to be noticed by those who know about these things than here.

> I have attempted to do that.

And it worked ... but please see further comments there.

-- 
Martin Avison 
Note that unfortunately this email address will become invalid
without notice if (when) any spam is received. 

[toc] | [prev] | [next] | [standalone]


#5357

FromDoug Webb <doug.j.webb@btinternet.com>
Date2026-06-06 14:23 +0100
Message-ID<60a0b5e45c.dougjwebb@btinternet.com>
In reply to#5351
In message <5ce44ce34abob@sick-of-spam.invalid>
          Bob Latham <bob@sick-of-spam.invalid> wrote:

> In article <5ce44a2042dnews@triffid.co.uk>,
>    Dnews <dnews@triffid.co.uk> wrote:
>> Please!
>> Suddenly today I'm getting an error message when Hermes tries to login to
>> Google to post or retrieve mail.

>> I've done a grab of the error pane and put it upline at...

>> https://www.triffid.co.uk/dstuff/GError.jpg

>> I have no idea why?

> I'm not alone then.

I've not been around for a bit so only just saw this and the ROOL thread.

Basically later AcornSSL modules have TLS1.3 enabled and the google
systems once seeing that the client has this are a lot stricter.

In essence if you enable the higher level of logging then you will see
that it says "No SNI, Server Name Indication, provided".

I did some testing with Rob Sprowson last year and also with RComp for
Hermes.

It seems Google have taken the specification and literally said well if
its TLS1.3 then you must implement it and hence you get the invalid issued 

by and to fields.

Hermes doesn't know what SNI to respond to in the version supplied with
and up to NetFetch 6.00.

The beta test software I was testing for RComp partially fixes the issue
but still needs an initial "accept or accept all" click

https://github.com/openssl/openssl/wiki/TLS1.3




-- 
Experience the future using ARM Technology - ARMBook,BeagleBoard -xM,
PandaBoard,Raspberry Pi,iMX6/ARMX6,IGEPv5 & Titanium powered by RISC OS
5.28.

[toc] | [prev] | [next] | [standalone]


#5358

FromDnews <dnews@triffid.co.uk>
Date2026-06-06 15:45 +0100
Message-ID<5ce4bd2adfdnews@triffid.co.uk>
In reply to#5357
In article <60a0b5e45c.dougjwebb@btinternet.com>,
   Doug Webb <doug.j.webb@btinternet.com> wrote:

[Snip]

> I've not been around for a bit so only just saw this and the ROOL thread.

> Basically later AcornSSL modules have TLS1.3 enabled and the google
> systems once seeing that the client has this are a lot stricter.

> In essence if you enable the higher level of logging then you will see
> that it says "No SNI, Server Name Indication, provided".

> I did some testing with Rob Sprowson last year and also with RComp for
> Hermes.

> It seems Google have taken the specification and literally said well if
> its TLS1.3 then you must implement it and hence you get the invalid
> issued 

> by and to fields.

> Hermes doesn't know what SNI to respond to in the version supplied with
> and up to NetFetch 6.00.

> The beta test software I was testing for RComp partially fixes the issue
> but still needs an initial "accept or accept all" click

> https://github.com/openssl/openssl/wiki/TLS1.3


Aha, I see, and interestingly sometimes if I click "Accept" it'll work,
but not always.  :-/

Dave

[toc] | [prev] | [standalone]


Back to top | Article view | comp.sys.acorn.networking


csiph-web