Pages: Prev. 1 2 3 4 5
RSS
TLS Handshake Failure (Gmail problem) - appreciate any help on how to fix
 
Quote
luis duarte wrote:
Saint Pegasus,

try this it worked for me


"C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_PERFECT_FORWARD_SECRECY"

https://i.imgur.com/SjCmz5K.png
It worked for me too.  

Thanks very much luis.
 
For more explanations:

https://www.ritlabs.com/en/forums/forum4/topic13404/message45985/#message45985
 
I agree with complaints about the many off-topic messages about Ritlabs' upgrade policy. I have moved those to 'Moaning, venting and complaining about upgrade policy'. Hopefully that restores legibility of this topic. At this point, I do not want to close this topic because there may still be useful new findings or developments.

Carry on!
I volunteer as a moderator to help keep the forum tidy. I do not work for Ritlabs SRL.
 
Quote
luis duarte wrote:
Saint Pegasus,

try this it worked for me


"C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_PERFECT_FORWARD_SECRECY"

https://i.imgur.com/SjCmz5K.png
Thanks, Luis. Very helpful, I'm sure. Definitely an easy fix, assuming it works. One small suggestion, which probably won't make a practical difference. The final quotation mark is superfluous, as it has no opening quote. Probably won't kick up an error, but the correct code would be:
"C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_PERFECT_FORWARD_SECRECY
Edited: Jay Walker - 13 April 2020 01:48:35
 
i'm edit the bat shortcut and it wont worked...

I create a new shortcut and it worked..

thank you everyone..
 
Quote
Saint Pegasus wrote:
i'm edit the bat shortcut and it wont worked...

I create a new shortcut and it worked..

thank you everyone..
Great. Happy to hear your problem was more or less resolved.
 
well i have a gmail account and it all seems to be working fine using `thebat` just sent myself an email from the bat to my gmail address it got there and I picked the reply back  in thebat

Been ok since v9 for me I`ve running latest update 9.1.14   64bit Pro-edition

There is a setting in Gmail you have to switch on maybe thats the problem people are having.........

put these details in thebat account for your gmail

smtp.gmail.com
secure to reg port STARTTLS  port 587

pop.gmail.com
user: username only not full address (username)@gmail.com

secure to dedicated port TLS  port 995


its working fine for me, good luck!
 
Quote
luis duarte wrote:
Saint Pegasus,

try this it worked for me


"C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_PERFECT_FORWARD_SECRECY

https://i.imgur.com/SjCmz5K.png
Thank you very much, Luis, it seems to me a very good solution
Edited: Jose Vicente Blanco - 14 April 2020 13:46:56
 
Quote
Miloslav Maun wrote:
"SEND  - Chyba protokolu TLS: Vnitřní chyba BuildClientKeyExchange."
It is fixed in The Bat! 9.1.16 (released on April 18th, 2020). You can download it from https://www.ritlabs.com/en/products/thebat/download.php

In an ECDSA signature, if a hash function had larger digest length (in bits) than the field size (which is not a good practice), The Bat! treated these signatures as invalid. It might lead to invalid ECC certificates, e.g. signed by "sha512ECDSA" algorithm. It might also lead to the following error: "TLS protocol error: Internal error BuildClientKeyExchange". For more information, see section 6.4 of FIPS.186-4 "ECDSA Digital Signature Generation and Verification": It is recommended that the security strength associated with the bit length of n and the security strength of the hash function be the same unless an agreement has been made between participating entities to use a stronger hash function. When the length of the output of the hash function is greater than the bit length of n, then the leftmost n bits of the hash function output block shall be used in any calculation using the hash function output during the generation or verification of a digital signature. A hash function that provides a lower security strength than the security strength associated with the bit length of n ordinarily should not be used, since this would reduce the security strength of the digital signature process to a level no greater than that provided by the hash function.

 
9-1-16 I can send messages with work of Avast. Guys who's have problem with AV (not only Avast) as me - please check it.
Модератор. Не являюсь сотрудником RitLabs (I'm not an employee of Ritlabs). https://belrus.biz/vendors/ritlabs.html
 
Quote
George Salnik wrote:
9-1-16 I can send messages with work of Avast. Guys who's have problem with AV (not only Avast) as me - please check it.
I can confirm. With 9.1.6 and Avast on, I am not getting any BuildClientKeyExchange Internal Errors anymore. Gmail accounts are working as intended. A question remains, however, why it took RIT Labs so long to fix it.
 
Quote
Andrzej Czerkowski wrote:
A question remains, however, why it took RIT Labs so long to fix it.

??????

Avast and other A/V programs are using a controversial hack to intercept and mess with the log-in process of e-mail clients. As a result, those clients sometimes stop functioning correctly. Just WHO should fix their software in such a case? I think Avast users have to be glad that Ritlabs took action at all and adapted its software to make it compatible with Avast's hack (For laughs, or cries, have a look at the troubles that the antivirus cowboys have been causing for Thunderbird users).
I volunteer as a moderator to help keep the forum tidy. I do not work for Ritlabs SRL.
 
Quote
Daniel van Rooijen wrote:
Avast and other A/V programs are using a controversial hack to intercept and mess with the log-in process of e-mail clients. As a result, those clients sometimes stop functioning correctly. Just WHO should fix their software in such a case? I think Avast users have to be glad that Ritlabs took action at all and adapted its software to make it compatible with Avast's hack (For laughs, or cries, have a look at the troubles that the antivirus cowboys have been causing for  Thunderbird  users).
As I understand, version 8 and early 9 of the program did not have such a problem, Thunderbird (and I have it, too) does not have such a problem.
 
Hi,

Just wanted to report my rather nightmarish experience with this today.

I've just bought a new laptop, so I created a full backup of The Bat! from my desktop machine (14 GB... with The Bat! messages going back to the 1990s...), and transferred it over to the new laptop.

Well, more or less everything* went smoothly despite the huge backup file size... except for this handshake failure! I use 4 various Gmail accounts (regular public account + a school account + 2 business accounts), and none of them were able to connect to the server.

The solution was very easy (but difficult to find, until I managed to google this forum thread!), so I wanted to thank whoever first posted it here first. All I had to do was to modify the link target so that it now is:
Code
"C:\Program Files\The Bat!\thebat64.exe" /TLS_DISABLE_PERFECT_FORWARD_SECRECY

It looks very weird, but works perfectly. I have nothing like that on my main desktop machine, yet I get no TLS handshake failures there. I suppose that's because I set up my current desktop machine 3 years ago or so?

* "more or less", because the full The Bat! backup still isn't totally full, you know... That's been a weakness of The Bat! backups for decades, I dare say. Specifically: none of my editor preferences, header layout preferences, etc., got transferred from the desktop to the laptop, and I had to set up everything in those areas from scratch on the laptop. I really believe that absolutely all preferences and customized user settings should be included in the full backup file, if that's what the user wishes to create...
 
Quote
I really believe that absolutely  all  preferences and customized user settings should be included in the full backup file, if that's what the user wishes to create...

Fellow forum user David Kirk made a tool for that. See https://www.ritlabs.com/en/auth-forums/forum4/topic12953/
I volunteer as a moderator to help keep the forum tidy. I do not work for Ritlabs SRL.
 
Thanks for posting that, Daniel. I updated that URL recently to also include reference to 7-Zip as some viewers had difficulty unzipping and keying in password with the default Windows unzip feature. There are also instructions on the steps to perform when moving to a new PC or after a crash.

david
Pages: Prev. 1 2 3 4 5