I've been trying to get gnus up and running with IMAP under
windows. The problem I'm having is that immediately after openssl
loads and connection is made to ym mail server, Emacs and gnus lock
up. I don't believe that this is a problem with gnus because if I
C-M-DEL out of openssl, gnus wakes back up and allows me to log into
the mail server. No mail is sent as you might expect, but otherwise
everything works perfectly afterwards. I'm very stumped by this. I've
tried reinstalling openssl, and trying as many setting as I can
understand with no luck. I'm not looking forward to the idea of
compiling it on my windows box, but that's an option. I am
going to try stunnel until further notice.

Here is the relevant part of my .gnus file:

On Mon, 07 Apr 2008 19:48:40 -0400 Nathaniel Calloway cornell.edu> wrote:

Sorry, I haven't seen this problem before. Can you debug by calling a
shell script that sends the openssl output to a file? What does your
IMAP log buffer say? Could you be calling the wrong openssl command
(give it an absolute path)?

Ted

Sorry for delay in posting this. I was having more problems with gnus than I anticipated. THIS issue is still unresolved however. *Messages* and *imap-log* are listed below. The dump from openssl didn't have any more info than is in *imap-log*. I'm still pretty clueless. Thanks.

Ted Zlatanov lifelogs.com> writes:

Based on this. I am thinking that you don't have the root CA installed
on your system. Check 'openssl version -d' to see where the library of
Openssl is. Then go to that directory to see if you have the root
certificates installed.

DigitalPig bottom.com> writes:

The problem still happens with the -verify 0 on. I went ahead and
downloaded the certificates to no avail either.

Oh yeah, and I get the same problem with gnutls.

-Nat

Nathaniel Calloway cornell.edu> writes:

Nathaniel Calloway cornell.edu> writes:

DigitalPig bottom.com> writes:

I really don't think its a problem with the certs, because first, I
shouldn't have to authenticate the server's. That said, I'm
authenticating fine because I got the certs and I still have the same
problem (I'm using -CApath already). Everything goes fine untill gnus
trys to start talking to openssl. Then all of emacs locks up untill i
terminate openssl, at which point gnus tries to send my IMAP login,
but it's too late because openssl is already gone. Below in the
imap-log you'll see the login attempt. The point immediately before
that is where the process hangs

Anyway, here is the log you asked for above (with -showcerts):

-Nat

verify depth is 1
Loading 'screen' into random state -CONNECTED(00000784)
write to 0xa48a38 [0xa56c78] (88 bytes => 88 (0x58))
0000 - 16 03 00 00 53 01 00 00-4f 03 00 47 ff 6f f8 fa ....S...O..G.o.....

Hi~ I tried on my computer with openssl. It seems that you need the root
certificate of VeriSign. First I used openssl with the exactly same
options as you did and got:

However, I added the -CApath /etc/ssl/certs (Ubuntu 7.10 with
ca-certificates package installed.) Then the authentication looks OK:

So I am thinking that you are lack of Root certificate of VerySign. I
agree with you that maybe it is not the point of the problem. But maybe
the issue because sometimes you don't know what the real reason for the
error is.