An issue that wont die? A TLS packet with unexpected length was received

Jonathan Plews jonathan at
Tue Sep 7 12:36:34 CEST 2010


I've used as much time as I can practically allow to try find out what  
is wrong here. This issue has raised its head because of Exchange  
severs sending mail to one of my clients do not fall back to  
unencrypted when it encounters an error, and this seems to only be  
happening recently. They just sit there trying to connect again and  
again (sending unhelpful errors back to the sender)

I'm using Debain 5, the packages directly related to the problem are  
Exim, GNUTLS and ca-certificates.

The quick fix was to hack at /etc/ssl/certs and remove it all (apart  
from ones used by services running on the box itself)

Before I embark on trying to find problems between ca-certificates and  
gnutls I just wanted to ask if anyone knows about this issue and a  
better way to fix it?

Judging from the years of mess and bug reports this issue could do  
with being wrapped up for everyone, I saw it crop up on the debian  
exim list a month or so ago.

I may be missing something, in which case I'm sorry and grateful for the help.

Jonathan Plews

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: PGP Digital Signature
URL: </pipermail/attachments/20100907/98f02dbe/attachment.pgp>

More information about the Gnutls-help mailing list