Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.acorn.networking > #5350 > unrolled thread
| Started by | Dnews <dnews@triffid.co.uk> |
|---|---|
| First post | 2026-06-05 18:49 +0100 |
| Last post | 2026-06-06 15:45 +0100 |
| Articles | 9 — 4 participants |
Back to article view | Back to comp.sys.acorn.networking
What does the error message mean? Dnews <dnews@triffid.co.uk> - 2026-06-05 18:49 +0100
Re: What does the error message mean? Bob Latham <bob@sick-of-spam.invalid> - 2026-06-05 19:19 +0100
What does the error message mean? Dnews <dnews@triffid.co.uk> - 2026-06-05 20:32 +0100
Re: What does the error message mean? Bob Latham <bob@sick-of-spam.invalid> - 2026-06-05 20:42 +0100
Re: What does the error message mean? Martin <News04@avisoft.f9.co.uk> - 2026-06-05 21:01 +0100
Re: What does the error message mean? Bob Latham <bob@sick-of-spam.invalid> - 2026-06-06 11:22 +0100
Re: What does the error message mean? Martin <News04@avisoft.f9.co.uk> - 2026-06-06 12:47 +0100
Re: What does the error message mean? Doug Webb <doug.j.webb@btinternet.com> - 2026-06-06 14:23 +0100
Re: What does the error message mean? Dnews <dnews@triffid.co.uk> - 2026-06-06 15:45 +0100
| From | Dnews <dnews@triffid.co.uk> |
|---|---|
| Date | 2026-06-05 18:49 +0100 |
| Subject | What does the error message mean? |
| Message-ID | <5ce44a2042dnews@triffid.co.uk> |
Please! Suddenly today I'm getting an error message when Hermes tries to login to Google to post or retrieve mail. I've done a grab of the error pane and put it upline at... https://www.triffid.co.uk/dstuff/GError.jpg I have no idea why? Thanks Dave
[toc] | [next] | [standalone]
| From | Bob Latham <bob@sick-of-spam.invalid> |
|---|---|
| Date | 2026-06-05 19:19 +0100 |
| Message-ID | <5ce44ce34abob@sick-of-spam.invalid> |
| In reply to | #5350 |
In article <5ce44a2042dnews@triffid.co.uk>, Dnews <dnews@triffid.co.uk> wrote: > Please! > Suddenly today I'm getting an error message when Hermes tries to login to > Google to post or retrieve mail. > I've done a grab of the error pane and put it upline at... > https://www.triffid.co.uk/dstuff/GError.jpg > I have no idea why? I'm not alone then. I think you need one or two security files updating, specifically HardDisc4.!Boot.Resources.!Internet.files.CertData and HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL These are available from the nightly builds here.. https://www.riscosopen.org/content/downloads/common Or direct from here.. https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip Cheers, Bob.
[toc] | [prev] | [next] | [standalone]
| From | Dnews <dnews@triffid.co.uk> |
|---|---|
| Date | 2026-06-05 20:32 +0100 |
| Message-ID | <5ce4539d59dnews@triffid.co.uk> |
| In reply to | #5351 |
In article <5ce44ce34abob@sick-of-spam.invalid>, Bob Latham <bob@sick-of-spam.invalid> wrote: > In article <5ce44a2042dnews@triffid.co.uk>, > Dnews <dnews@triffid.co.uk> wrote: > > Please! Suddenly today I'm getting an error message when Hermes tries > > to login to Google to post or retrieve mail. > > I've done a grab of the error pane and put it upline at... > > https://www.triffid.co.uk/dstuff/GError.jpg > > I have no idea why? > I'm not alone then. > I think you need one or two security files updating, specifically > HardDisc4.!Boot.Resources.!Internet.files.CertData > and > HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL I have the above, and earlier today I updated the CertData. Recently I did it again and the message was. "CertData is already up to date. My AcornSSL 1.07 28th March 2025, I've now installed 1.09 23 May 2026. Unfortunately the problem remains. (Yes I have rebooted RISC OS after changing the SSL to 1.09). > These are available from the nightly builds here.. > https://www.riscosopen.org/content/downloads/common > Or direct from here.. > https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip > Cheers, > Bob. Thanks for the thoughts Bob, appreciated. Dave
[toc] | [prev] | [next] | [standalone]
| From | Bob Latham <bob@sick-of-spam.invalid> |
|---|---|
| Date | 2026-06-05 20:42 +0100 |
| Message-ID | <5ce45483bdbob@sick-of-spam.invalid> |
| In reply to | #5352 |
In article <5ce4539d59dnews@triffid.co.uk>, Dnews <dnews@triffid.co.uk> wrote: > In article <5ce44ce34abob@sick-of-spam.invalid>, > Bob Latham <bob@sick-of-spam.invalid> wrote: > > In article <5ce44a2042dnews@triffid.co.uk>, > > Dnews <dnews@triffid.co.uk> wrote: > > > Please! Suddenly today I'm getting an error message when Hermes tries > > > to login to Google to post or retrieve mail. > > > I've done a grab of the error pane and put it upline at... > > > https://www.triffid.co.uk/dstuff/GError.jpg > > > I have no idea why? > > I'm not alone then. > > I think you need one or two security files updating, specifically > > HardDisc4.!Boot.Resources.!Internet.files.CertData > > and > > HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL > I have the above, and earlier today I updated the CertData. > Recently I did it again and the message was. "CertData is already > up to date. > My AcornSSL 1.07 28th March 2025, I've now installed 1.09 23 May > 2026. > Unfortunately the problem remains. (Yes I have rebooted RISC OS > after changing the SSL to 1.09). > > These are available from the nightly builds here.. > > https://www.riscosopen.org/content/downloads/common > > Or direct from here.. > > https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip Since I posted that info I found that I could no longer access Virgin email accounts. I thought the SSL module the likely culprit and dropped back to 1.07 28 Mar 2025. I now have access again so I suspect that 1.09 module is 'bost' as we say in the Black Country. No idea how to report that. However, for whatever reason, certificate error (same as yours) has stopped (for now). Bob.
[toc] | [prev] | [next] | [standalone]
| From | Martin <News04@avisoft.f9.co.uk> |
|---|---|
| Date | 2026-06-05 21:01 +0100 |
| Message-ID | <5ce456364eNews04@avisoft.f9.co.uk> |
| In reply to | #5353 |
In article <5ce45483bdbob@sick-of-spam.invalid>, Bob Latham <bob@sick-of-spam.invalid> wrote: > Since I posted that info I found that I could no longer access > Virgin email accounts. I thought the SSL module the likely culprit > and dropped back to 1.07 28 Mar 2025. I now have access again so I > suspect that 1.09 module is 'bost' as we say in the Black Country. > No idea how to report that. I would suggest raising it on the ROOL forums - much more likely to be noticed by those who know about these things than here. I am using AcoenSSL 1.09 (23 May 2026) mbedTLS 3.6.6 here without problem, but I do not use Google or Virgin email -- Martin Avison Note that unfortunately this email address will become invalid without notice if (when) any spam is received.
[toc] | [prev] | [next] | [standalone]
| From | Bob Latham <bob@sick-of-spam.invalid> |
|---|---|
| Date | 2026-06-06 11:22 +0100 |
| Message-ID | <5ce4a511cabob@sick-of-spam.invalid> |
| In reply to | #5354 |
In article <5ce456364eNews04@avisoft.f9.co.uk>, Martin <News04@avisoft.f9.co.uk> wrote: > I would suggest raising it on the ROOL forums - much more likely to > be noticed by those who know about these things than here. I have attempted to do that. Bob.
[toc] | [prev] | [next] | [standalone]
| From | Martin <News04@avisoft.f9.co.uk> |
|---|---|
| Date | 2026-06-06 12:47 +0100 |
| Message-ID | <5ce4ace648News04@avisoft.f9.co.uk> |
| In reply to | #5355 |
In article <5ce4a511cabob@sick-of-spam.invalid>, Bob Latham <bob@sick-of-spam.invalid> wrote: > In article <5ce456364eNews04@avisoft.f9.co.uk>, > Martin <News04@avisoft.f9.co.uk> wrote: > > I would suggest raising it on the ROOL forums - much more likely > > to be noticed by those who know about these things than here. > I have attempted to do that. And it worked ... but please see further comments there. -- Martin Avison Note that unfortunately this email address will become invalid without notice if (when) any spam is received.
[toc] | [prev] | [next] | [standalone]
| From | Doug Webb <doug.j.webb@btinternet.com> |
|---|---|
| Date | 2026-06-06 14:23 +0100 |
| Message-ID | <60a0b5e45c.dougjwebb@btinternet.com> |
| In reply to | #5351 |
In message <5ce44ce34abob@sick-of-spam.invalid>
Bob Latham <bob@sick-of-spam.invalid> wrote:
> In article <5ce44a2042dnews@triffid.co.uk>,
> Dnews <dnews@triffid.co.uk> wrote:
>> Please!
>> Suddenly today I'm getting an error message when Hermes tries to login to
>> Google to post or retrieve mail.
>> I've done a grab of the error pane and put it upline at...
>> https://www.triffid.co.uk/dstuff/GError.jpg
>> I have no idea why?
> I'm not alone then.
I've not been around for a bit so only just saw this and the ROOL thread.
Basically later AcornSSL modules have TLS1.3 enabled and the google
systems once seeing that the client has this are a lot stricter.
In essence if you enable the higher level of logging then you will see
that it says "No SNI, Server Name Indication, provided".
I did some testing with Rob Sprowson last year and also with RComp for
Hermes.
It seems Google have taken the specification and literally said well if
its TLS1.3 then you must implement it and hence you get the invalid issued
by and to fields.
Hermes doesn't know what SNI to respond to in the version supplied with
and up to NetFetch 6.00.
The beta test software I was testing for RComp partially fixes the issue
but still needs an initial "accept or accept all" click
https://github.com/openssl/openssl/wiki/TLS1.3
--
Experience the future using ARM Technology - ARMBook,BeagleBoard -xM,
PandaBoard,Raspberry Pi,iMX6/ARMX6,IGEPv5 & Titanium powered by RISC OS
5.28.
[toc] | [prev] | [next] | [standalone]
| From | Dnews <dnews@triffid.co.uk> |
|---|---|
| Date | 2026-06-06 15:45 +0100 |
| Message-ID | <5ce4bd2adfdnews@triffid.co.uk> |
| In reply to | #5357 |
In article <60a0b5e45c.dougjwebb@btinternet.com>, Doug Webb <doug.j.webb@btinternet.com> wrote: [Snip] > I've not been around for a bit so only just saw this and the ROOL thread. > Basically later AcornSSL modules have TLS1.3 enabled and the google > systems once seeing that the client has this are a lot stricter. > In essence if you enable the higher level of logging then you will see > that it says "No SNI, Server Name Indication, provided". > I did some testing with Rob Sprowson last year and also with RComp for > Hermes. > It seems Google have taken the specification and literally said well if > its TLS1.3 then you must implement it and hence you get the invalid > issued > by and to fields. > Hermes doesn't know what SNI to respond to in the version supplied with > and up to NetFetch 6.00. > The beta test software I was testing for RComp partially fixes the issue > but still needs an initial "accept or accept all" click > https://github.com/openssl/openssl/wiki/TLS1.3 Aha, I see, and interestingly sometimes if I click "Accept" it'll work, but not always. :-/ Dave
[toc] | [prev] | [standalone]
Back to top | Article view | comp.sys.acorn.networking
csiph-web