Pages: Prev. 1 2 3 4 5 Next
RSS
TLS Handshake Failure (Gmail problem) - appreciate any help on how to fix
 
>> The original TLS problem (not related to antivirus software)
No matter related or no. On my strong opinion — is related. It all started in one moment of time. We need to know any things to kill this bug with our antivirus. I don't wanna shut off shields every time when need to send email through gmail. Wait a news from vendor about full fixing of the bug.
Модератор. Не являюсь сотрудником RitLabs (I'm not an employee of Ritlabs). https://belrus.biz/vendors/ritlabs.html
 
There still seems to be the same problem receiving mail via IMAP on version 9.1.12, can anyone also check and confirm?
Sending is working ok.
 
Quote
Jose Vicente Blanco wrote:
Quote
Jay Walker wrote:
 
Quote
Andrzej Czerkowski  wrote:
I stand corrected. BuildClientKeyExchange error is back and although it has something to do with Avast it's obviously also related to The Bat! Fresh install does not fix it, so do all other temporary circumventions.
 Andrzej, Ann, and others, I am not in a position to say that there is  not still a problem with TB's handling of TLS with Gmail. What I can say  is that the problem disappeared for me with versions 9.1.10 and 9.1.12.  And I can also say that those of you who are using a third-party  antivirus app and who have a persistent problem with TLS do not seem to  have adequate logical foundation for believing that there is still a  problem with TB's handling of TLS with Gmail. It is quite possible that  subsequent to Google's change in certificate requirements, TB is ahead  of the pack in resolving the issue. We all saw how quickly Maxim  responded and updated the TB msi version. Have you received a similar  update to Avast or AVG? Radoslaw presented a solution that is based on  disabling the GDATA scanner. As I understand, GDATA is a largely  deprecated Google API. You probably don't need such a scanner, and using  it may well lead to problems with later Google APIs. Again, how does  this become a problem in TB? So I humbly submit: If your antivirus  software is causing a problem with receiving or sending Gmail via TB...  and your operating system is Windows 10... then just disable your  third-party antivirus software (or somehow disable the GDATA scanner in  it). If you disable the third-party antivirus software completely, you  will default to using Windows Defender instead. And, IMHO, Windows  Defender offers as good or better protection than any other 'free'  antivirus software. Maybe it's not the 'devil you know', but it is not  hard to get acquainted.  
Sorry, please go to  https://www.ritlabs.com#message49381   As I said, I have disabled Kaspersky and enabled Windows Defender but the problem continues
Jose, your message link was incorrect, but I get the point. Your problem is entirely different. You want to solve a problem introduced by Google in the last few days with a version of TB that was released months ago. Unfortunately, there is no way - or at least I could not find a way -  to update Version 8.8.9 so that it contains the new certificates that Gmail now requires. Trust me when I say that I flogged that horse to death (figuratively speaking) and never got it to work. If you want to fix this problem, you cannot do it just by disabling Kaspersky and using Windows Defender. I was always using only Windows Defender, but I also had the problem you have until I installed 9.1.10 or 9.1.12. Let's be clear. I do not work for Ritlabs. So I cannot say whether Ritlabs will release an 8.x version with the latest certificates required by Google. That is their decision entirely. Perhaps if the demand is great enough and they think it will help or at least not hurt profits for their company, then maybe so. But, like I said, it's their decision; and I expect they will make it considering all factors that they deem important.
 
Problem is located with scanning emails via SSL connection in antivirus programs. Today i spoke with helpdesk of GDATA. They are working on solving the problem. Of course the problem origin is the same (like in TB) changing encrypting policy of gmail. For now I must uncheck <<Scan SSL connections>> in the menu Scanning emails/advanced . After that everything works fine. So I recommend to contact antivir program support, or disabling scanning emails via SSL connection. I think within few days, all antivir programs receive a patch, that will fix the problem.  
Edited: Radosław Olesiński - 10 April 2020 13:54:36
 
Quote
Daniel van Rooijen wrote:
Quote
Jose Vicente Blanco wrote:
Same problem here: V. 8.8.9, I can't send and I can't receive.

The original TLS problem (not related to antivirus software) was only solved in version 9.1.10....

See  https://www.ritlabs.com/en/auth-forums/forum4/topic14727/message49282/#message49282
But the problem in my side started the day before yesterday, until April 8 it had worked perfectly...

And some people in this thread reports the problem was not resolved by changing to V.9.1.x...

Also It is against my principles to pay again for a new version of software that I had already paid for  (two times, because I paid for V.7 and for V.8)...

In my opinion the developer of the application should solve the bug without having me to pay again
Edited: Jose Vicente Blanco - 10 April 2020 22:58:26 (error correction)
 
Quote
Jay Walker wrote:
Quote
Jose Vicente Blanco wrote:
 
Quote
Sorry, please go to   https://www.ritlabs.com#message49381    As I said, I have disabled Kaspersky and enabled Windows Defender but the problem continues
Jose, your message link was incorrect, but I get the point. Your problem is entirely different. You want to solve a problem introduced by Google in the last few days with a version of TB that was released months ago. Unfortunately, there is no way - or at least I could not find a way -  to update Version 8.8.9 so that it contains the new certificates that Gmail now requires. Trust me when I say that I flogged that horse to death (figuratively speaking) and never got it to work. If you want to fix this problem, you cannot do it just by disabling Kaspersky and using Windows Defender. I was always using only Windows Defender, but I also had the problem you have until I installed 9.1.10 or 9.1.12. Let's be clear. I do not work for Ritlabs. So I cannot say whether Ritlabs will release an 8.x version with the latest certificates required by Google. That is their decision entirely. Perhaps if the demand is great enough and they think it will help or at least not hurt profits for their company, then maybe so. But, like I said, it's their decision; and I expect they will make it considering all factors that they deem important.
Sorry for the incorrect link and thanks for your information. If you´re right may be that the solution is to update The Bat but as I said in other post I think the developer of the application should solve the bug without having me to pay again.

I am seriously considering changing my email client.
 
>>  For now I must uncheck <<Scan SSL connections>> in the menu Scanning emails/advanced . After that everything works fine.
I can confirm that works with Avast Business AV. But here we have problem that our gmail-box (and other boxes) is not under protection of installed antivirus.
Модератор. Не являюсь сотрудником RitLabs (I'm not an employee of Ritlabs). https://belrus.biz/vendors/ritlabs.html
 
Quote
Maxim Masiutin wrote:
Quote
Jay Walker wrote:
Beta with its various toolbar issues (including the disappearance of toolbar buttons on minimization and restoration, which is a bit of a hassle).
You may disable (uncheck) the option "Do not put The Bat! to Windows Task Bar" and restart The Bat!, until we fix this issue.
Thanks Maxim. 9.1.12 fixed the rendering issue for me.
 
After long day of searching solution i can confirm, that in version 8.3 of TheBat gmail work properly. Hope it will help :)
 
I'm using TB 9.1.12 x64 and my gmail also got error BuildClientKeyExchange error..

this morning, I fix it with this step..

at Avast just export again email certificate and then import it again to TheBat..

and then the problem is solved.

reference from this site

https://support.avast.com/en-ww/article/Troubleshoot-invalid-email-certificate
 
Quote
GUSNAWI ALIHOEDIN wrote:
at Avast just export again email certificate and then import it again to TheBat..
not working for me.  
 

update.. :

https://ibb.co/Ws9ghZS

when i check the scan inbound emails.. the BuildClientKeyExchange error occured again....

when uncheck scan inbound ... gmail normal again.

the problem still exist... so for now, i choose uncheck scan inbound emails.. until there's fixed solution.

thank you.
 
Quote
Alexander Idels wrote:
After long day of searching solution i can confirm, that in  version 8.3  of TheBat gmail work properly. Hope it will help
Thank you for the information. Does anybody know where to download version 8.3? (I have archived version 8.5, but it has the issue too.)
 
Quote
Alexander Idels wrote:
After long day of searching solution i can confirm, that in  version 8.3  of TheBat gmail work properly. Hope it will help

This works for me too.

- I downloaded v 8.3.00 x64 from filepuma (https://www.filepuma.com/download/the_bat_64bit_8.3.0-18534/)
- I configured gmail Authentication to Regular (not OAUTH) and used an app-specific password (set on https://myaccount.google.com/security)

Note that this did not work with v 8.4.00, 8.5.00 and 8.8.09 (got the certificate issue described in this thread).
 
Quote
Chip96 wrote:
Thank you for the information. Does anybody know where to download version 8.3? (I have archived version 8.5, but it has the issue too.)
You welcome https://yadi.sk/d/cl11epXA1xPTyQ
 
Quote
Alexander Idels wrote:
After long day of searching solution i can confirm, that in  version 8.3  of TheBat gmail work properly. Hope it will help
Yes, it works! It works for the SMTP server too.  Many thanks for your info!

I think the problem is the V.8.8.9 seek for the wrong certificate as can be seen in this log:

11/04/2020, 11:08:09: FETCH - Recibiendo mensajes
11/04/2020, 11:08:09: FETCH - Conectando con el servidor POP3 pop.gmail.com en el puerto 995
11/04/2020, 11:08:09: FETCH - Inicializando negociación TLS
>11/04/2020, 11:08:09: FETCH - Certificado S/N: 22DECAF1316813D2080000000035ED3F, algoritmo: ECC (256 bits), emitido de 24/03/2020 6:48:03 para 16/06/2020 6:48:03, para la(s) máquina(s) 1: pop.gmail.com.
>11/04/2020, 11:08:09: FETCH - Propietario: "US", "California", "Mountain View", "Google LLC", "pop.gmail.com".
>11/04/2020, 11:08:09: FETCH - Emisor: "US", "Google Trust Services", "GTS CA 1O1". Válido desde 15/06/2017 0:00:42 a 15/12/2021 0:00:42.
>11/04/2020, 11:08:09: FETCH - Raíz: "GlobalSign Root CA - R2", "GlobalSign", "GlobalSign" Válido desde 15/12/2006 8:00:00 a 15/12/2021 8:00:00.
!11/04/2020, 11:08:09: FETCH - Fallo en la negociación TLS. Certificado del Servidor Inválido (El certificado no puede ser utilizado para este propósito).

While the V.8.3 seek for the right certificate, and the operation ends successfully:
11/04/2020, 17:46:51: FETCH - Recibiendo mensajes 11/04/2020, 17:46:51: FETCH - Conectando con el servidor POP3 pop.gmail.com en el puerto 995
11/04/2020, 17:46:51: FETCH - Inicializando negociación TLS
>11/04/2020, 17:46:51: FETCH - Certificado S/N: 6FD1454D23B8237F080000000035EBAE, algoritmo: RSA (2048 bits), emitido de 24/03/2020 6:34:04 para 16/06/2020 6:34:04, para la(s) máquina(s) 1: pop.gmail.com.
>11/04/2020, 17:46:51: FETCH - Propietario: "US", "California", "Mountain View", "Google LLC", "pop.gmail.com".
>11/04/2020, 17:46:51: FETCH - Emisor: "US", "Google Trust Services", "GTS CA 1O1". Válido desde 15/06/2017 0:00:42 a 15/12/2021 0:00:42.
>11/04/2020, 17:46:51: FETCH - Raíz: "GlobalSign Root CA - R2", "GlobalSign", "GlobalSign" Válido desde 15/12/2006 8:00:00 a 15/12/2021 8:00:00.
11/04/2020, 17:46:51: FETCH - Negociación TLS completada
11/04/2020, 17:46:51: FETCH - Conectado al servidor POP3
11/04/2020, 17:46:53: FETCH - Autenticación (simple)
11/04/2020, 17:47:43: FETCH - 6 mensajes en la bandeja de entrada, 4 nuevos
 
Yes, 8.3 works.

I just uninstalled version 8.8.9 and installed version 8.3 which... strangely.. it is not on the archive list of previous versions that can be downloaded from ritlabs website.. unlike dozens of other previous versions... for some reason ritlabs wants does not make 8.3 available for their customers... so i downloaded it from  (https://www.filepuma.com/download/the_bat_64bit_8.3.0-18534/) ....

As soon as I installed 8.3 all my configuration and remain as usual and gmail magically works again I did not have to change anything... ... so.. I agree 8.3 has something that was removed in 8.8.9... I also confirm authentication for pop.gmail.com is set to "regular" ... which is the way I had it in 8.8.8 anyway.

It feel weird having to "downgrade" a program to make it work... something is nor right... but at least I can retrieve and send with gmail as well as with my other non-gmail addresses.
 
Quote
vper wrote:
Yes, 8.3 works.

I just uninstalled version 8.8.9 and installed version 8.3 which... strangely.. it is not on the archive list of previous versions that can be downloaded from ritlabs website.. unlike dozens of other previous versions... for some reason ritlabs wants does not make 8.3 available for their customers...

No need for your snide insinuations. The archive simply contains the latest version within each major release that a licensed user might be entitled to. It would be a very long list indeed if they offered all previous versions (for instance, that would be 24 different downloads for v8 alone).

Quote
so i downloaded it from  ( https://www.filepuma.com/download/the_bat_64bit_8.3.0-18534/ ) ....

And for those who may need a 32-bit version, it's at https://www.filepuma.com/download/the_bat_32bit_8.3.0-18533/

If you want to check for the differences between your own version and v8.3, see the revision history here.
I volunteer as a moderator to help keep the forum tidy. I do not work for Ritlabs SRL.
 
One thing that seemed to have helped with my issues with the latest Voyager v8 with Google - logged into my Google account and checked the security. Found there was two 'warnings' of "is that you", once I click Yes the 'stalled' emails had been sent. No change to Voyager was required. This maybe true with other versions of The Bat! v8.x

If not delete is your friend.

At one time Google motto was 'Do no harm', now if it was not for the use of an Android phone requiring Google account it would be deleted. Starting to get tired of all the crap from Google.

When a service costs nothing, then you are the product.
Edited: Arnold DeRoy - 12 April 2020 06:00:56 (added more rant)
 
Guys, what can I do with Voyager 8.8.9.11 and the TLS Handshake Failure? I can’t install 8.3 - No Voyager of this version
 
Specifying /TLS_DISABLE_ECDHE parameter in the command line fixes the issue:
Quote
[+] The /TLS_DISABLE_ECDHE command line option to disable elliptic curve Diffie-Hellman ephemeral key agreement cipher suites on TLS

https://thebat.info/news-305/The-Bat--8-5-6-2/
 
Quote
John Doe wrote:
Specifying /TLS_DISABLE_ECDHE parameter in the command line fixes the issue:
Quote
[+] The /TLS_DISABLE_ECDHE command line option to disable elliptic curve Diffie-Hellman ephemeral key agreement cipher suites on TLS

https://thebat.info/news-305/The-Bat--8-5-6-2/
I try to open thebat directly using command prompt with /TLS_DISABLE_ECDHE, and it worked.. thanks..

the question, how to add /TLS_DISABLE_ECDHE, to thebat shortcut??

i already try to edit thebat shortcut to "C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_ECDHE but it didnt worked :-(

maybe I do something wrong?

please advice, thank you.
 
Quote
Marek K. ZBOROWSKI wrote:
Quote
DrTeeth wrote:
 
Quote
Mefisto  wrote:
In this simple way we were forced to upgrade the software from 8 to 9 :P
 Once I cannot use v8 any longer, I will be leaving The Bat! for good.
Stay Safe
DrTeeth

You are not the only one who made such a decision. I bought an email client which is supposed to work - it may no longer be supported, but it must have feature and functionality I have paid for - it should be like a buing a car it may be a few years old but it still rides. I will never again recommend TB! to anyone else and rate this program and its support as very bad.
This policy - I mean forcing users to pay for a functionality they have already paid for - will sink RL some day. The sooner they understand it, the better.

PS. Private messages still do not work for me.
With all due respect to everyone who is complaining this way... and, presumably, hoping to pressure Ritlabs into doing as they want... I have to say this type of griping is off-topic and tiresome. FWIW, I know at least one person who is still using TB 4 or 5 for all of her considerable email correspondence... business correspondence on which her livelihood depends. Why does it work for her? Because her email server is not Gmail. It is not at all accurate to claim that connecting to Gmail is a basic functionality of TB. Ritlabs cannot reasonably be expected to dance to every whim of Google with full backward compatibility. I do not say that they should not put out a patch for TB 8 at least. I only say that this is something that should be requested, not demanded. And, anyway, it sounds like at least one solution and possibly two have already been presented here for the TB 8 problem with Gmail. So before demanding that Ritlabs fix your Gmail problem for you, please consider moving your email to a different server. Gmail can easily be configured to forward all of your mail to another email address. And if that is not convenient, either (1) Revert to version 8.3 or (2) Specify the /TLS_DISABLE_ECDHE parameter in the command line. Let's focus on those solutions, while giving Maxim and others at Ritlabs time to consider what else, if anything, they want to do with respect to TB 8 or earlier. Personally, I find this topic of interest. It pertains to a problem that I too was having. But now the topic is getting hijacked by persons who only want to vent their personal complaints rather than offer practical information. If anyone does not want to keep on using TB, that's his/her decision. Why do all of us have to hear about that? Let's move on.
 
Quote
Daniel van Rooijen wrote:
Quote
vper wrote:
Yes, 8.3 works.

I just uninstalled version 8.8.9 and installed version 8.3 which... strangely.. it is not on the archive list of previous versions that can be downloaded from ritlabs website.. unlike dozens of other previous versions... for some reason ritlabs wants does not make 8.3 available for their customers...


No need for your snide insinuations. The archive simply contains the latest version within each major release that a licensed user might be entitled to. It would be a very long list indeed if they offered  all  previous versions (for instance, that would be 24 different downloads for v8 alone).

Reply from vper:
Hi Daniel. I am surprised by your derogatory comment of my comment. No insinuation here. I did not say Ritlabs did it just to push us to buy updates, because I do not know what the reason is. But I found strange that a version for downgrading our product and make it work, is in an external site but not available from Ritlabs site, and that is what I said.  That is all. Now you provide a plausible explanation, which is welcomed. But as you can see... the sense of trust with companies decreases when customers feel the products they bought become obsolete too soon. By the way, thanks for your work as a moderator.

Quote
so i downloaded it from  (  https://www.filepuma.com/download/the_bat_64bit_8.3.0-18534/  ) ....

And for those who may need a 32-bit version, it's at  https://www.filepuma.com/download/the_bat_32bit_8.3.0-18533/

If you want to check for the differences between your own version and v8.3, see the revision history  here .
Edited: vper - 12 April 2020 18:40:01
 
Saint Pegasus,

try this it worked for me


"C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_PERFECT_FORWARD_SECRECY"

https://i.imgur.com/SjCmz5K.png
Pages: Prev. 1 2 3 4 5 Next