Debugging connection failure (GnuTLS TLS alert)?

Paul Aurich darkrain42 at pidgin.im
Fri Mar 26 12:44:44 EDT 2010


On 2010-03-26 09:14, Sebastian Kayser wrote:
> Greetings,
> 
> I am using pidgin 2.6.6 with GnuTLS 2.8.6 and the company XMPP server
> drops my connection attempt with a TLS alert right after the TLS client
> hello. Company IT says "known issue with GnuTLS, use NSS instead". Is
> there any way to narrow down and possibly solve this issue instead of
> simply falling back to NSS (which wouldn't be that easy to do as we are
> using distro provided packages)?
> 
> The following is the connection relevant, (anonymized) excerpt from
> 
> $ PURPLE_GNUTLS_DEBUG=9 pidgin -d
> 
> I don't have access to the XMPP server. Client platform is Solaris 10
> x86. Please tell me if you feel that this is something which should be
> taken to the GnuTLS guys instead.
> 

<snip content='log'/>

> 
> Sebastian

I can't tell what's wrong from this (although I'm no GnuTLS internals
expert), though it appears that the server doesn't like something that
GnuTLS is sending in its initial handshake.

Could you run `gnutls-cli-debug -V -p 5223 xmpp.company.com` and send
back the results?

~Paul

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://pidgin.im/pipermail/support/attachments/20100326/743369d3/attachment.sig>


More information about the Support mailing list