Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: SSL renegotiate denied

  1. #1
    Join Date
    May 2008
    Location
    Des Moines, IA
    Posts
    89
    Rep Power
    7

    Default SSL renegotiate denied

    I have a monitor plugged in that does nothing but watch logs. This one is /opt/zimbra/log/mailbox.log. Every now and again I see something new. This is the concern of the day:

    2010-03-26 23:45:25,175 WARN [btpool0-16] [] log - SSL renegotiate denied: java.nio.channels.SocketChannel[connected local=/10.0.0.14:443 remote=/10.0.0.14:40639]

    My port is open:
    Code:
    # iptables -L
    ...
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
    Can someone shed some light on the 'denied' part and if so, what's the cure?

    Thanks in advance,
    todd_dsm

    Don't forget to Vote for this bug:
    RFE: A place To Display the contents of 'My Documents'
    Reasoning: It's new, bold, and cool.
    Last edited by todd_dsm; 10-08-2010 at 09:21 AM.

  2. #2
    Join Date
    Feb 2008
    Posts
    37
    Rep Power
    7

    Default

    We have the same problem here.

    log - SSL renegotiate denied: java.nio.channels.SocketChannel

    After that, Pop3 doesn't work. Only after restarting Zimbra Server Pop3 work again.

    Regards,
    Erik

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by erik.schwalbe View Post
    We have the same problem here.

    log - SSL renegotiate denied: java.nio.channels.SocketChannel

    After that, Pop3 doesn't work. Only after restarting Zimbra Server Pop3 work again.

    Regards,
    Erik
    You haven't posted enough information from the log file to determine what the problem is, one line out of context is never sufficient.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    Join Date
    Feb 2008
    Posts
    37
    Rep Power
    7

    Default

    I think, this exeption show, what the problem is:

    Code:
    2010-08-06 09:23:14,238 INFO  [Pop3SSLServer-2] [ip=92.202.99.174;] ProtocolHandler - Exception occurred while handling connection
    java.net.SocketException: Socket closed
            at java.net.SocketInputStream.socketRead0(Native Method)
            at java.net.SocketInputStream.read(SocketInputStream.java:129)
            at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
            at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:331)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
            at com.zimbra.cs.tcpserver.ProtocolHandler.startHandshake(ProtocolHandler.java:184)
            at com.zimbra.cs.tcpserver.ProtocolHandler.run(ProtocolHandler.java:134)
            at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(Unknown Source)
            at java.lang.Thread.run(Thread.java:619)
    Regards,
    Erik

  5. #5
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Please update your forum profile with the output of the following command (do not post the output in this thread):

    zmcontrol -v

    What client is being used to connect to the POP3 Zimbra server? Does this problem always occur for POP3 connections once this error appears? Does the problem happen for all POP3 users or just some users? Are the users able to connect with a different POP3 client after this error appears or do they still get the error? What errors (messages) do the users see in their POP3 client? I'm assuming this is for POP3S, is that correct? Do you have any firewall or SElinux active this Zimbra server? Are these users connecting to the Zimbra server via a LAN or from an external IP?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  6. #6
    Join Date
    Feb 2008
    Posts
    37
    Rep Power
    7

    Default

    What client is being used to connect to the POP3 Zimbra server?
    Thunderbird and AppleMail
    Code:
     [btpool0-1959] [aname=user@domain.com;ip=XX.XXX.XXX.XX;ua=DAVKit/4.0.3 (732);; CalendarStore/4.0.3 (991);; iCal/4.0.3 (1388);; Mac OS X/10.6.4 (10F569);] log - SSL renegotiate denied: java.nio.channels.SocketChannel[connected local=/192.168.0.9:443 remote=/XX.XXX.XXX.XX:52525]
    Does this problem always occur for POP3 connections once this error appears?
    Yes
    Does the problem happen for all POP3 users or just some users?
    All users
    Are the users able to connect with a different POP3 client after this error appears or do they still get the error?
    No, still get the error
    I'm assuming this is for POP3S, is that correct?
    Yes
    Do you have any firewall or SElinux active this Zimbra server?
    SELinux and ipTables are disabled
    Are these users connecting to the Zimbra server via a LAN or from an external IP?
    Both

    We only have 3-4 pop3 users. All other users use imap or the zimbra outlook connector with no problems. In former times pop3SSL work and I think after upgrading to Version 6 we have the problems. After restart the zimbra server zmcontrol restart the user can connect to zimbra server with Pop3SSL. After unascertained time the connection is lost.

    Regards,
    Erik

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    OK thanks for those detailed answers, I think you're going to have to file a support case and/or bug report for that to be looked at.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    Join Date
    Jul 2009
    Location
    Singapore
    Posts
    36
    Rep Power
    6

    Default

    Quote Originally Posted by phoenix View Post
    OK thanks for those detailed answers, I think you're going to have to file a support case and/or bug report for that to be looked at.
    Has a case been submitted on this? same issue encountered here. Zimbra Network Ed 6.0.7 on Ubuntu 8.04 64 bit. It has been running fine for over a month then issue came up all of a sudden. A restart of the zimbra service enable POP3S again. IMAPS has no issue.

  9. #9
    Join Date
    Jan 2009
    Location
    Stockholm, Sweden
    Posts
    96
    Rep Power
    6

    Default

    We started seeing this problem yesterday, and it's - as far as we know - the first time. We went from 6.0.7 to 6.0.9; we noticed slow account access yesterday, and the problem peaked this morning. After a zmmailboxdctl restart, it seems to have improved (this solution is obviously unacceptable).


    -joho

  10. #10
    Join Date
    Dec 2010
    Posts
    19
    Rep Power
    4

    Default

    Any solution found for this error ?

Similar Threads

  1. Help!!! Moving ZCS does not work!
    By ASebestian in forum Migration
    Replies: 7
    Last Post: 02-12-2009, 05:06 PM
  2. Help with tomcat ssl errors...
    By sgtstadanko in forum Administrators
    Replies: 4
    Last Post: 03-19-2007, 09:13 PM
  3. Backup issues
    By telescop in forum Administrators
    Replies: 3
    Last Post: 03-01-2007, 05:09 PM
  4. Ldap issues
    By mississippiman in forum Installation
    Replies: 11
    Last Post: 01-09-2007, 07:00 PM
  5. Move server to different OS
    By EriSan500 in forum Administrators
    Replies: 7
    Last Post: 03-05-2006, 12:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •