Page 1 of 1

SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Sat Sep 30, 2017 10:33 am
by bifo
Anyone run into this issue before? SSL won't work at all on the VMS build of Seamonkey, libssl3.so is in the folder and nothing is deactivated in preferences. Is the library just considered too out of date or should I reinstall the CSWB package? Do I need the SSL1 packages installed (hadn't gotten to it since I thought they were purely serverside)?

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Sat Sep 30, 2017 11:15 am
by robespierre
Is the problem that you cannot connect to a server?
Most everybody disabled SSL3 because of vulnerabilities like POODLE.

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Sat Sep 30, 2017 4:14 pm
by bifo
it refuses to open any https server

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Sat Sep 30, 2017 9:00 pm
by ClassicHasClass
Right, but is that because SSL3 got turned off, or because the library isn't loading? It may not be possible to tell from the client.

However, I *think* that version should have TLS 1.0 capability.

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Mon Oct 02, 2017 7:10 am
by bifo
ClassicHasClass wrote:Right, but is that because SSL3 got turned off, or because the library isn't loading? It may not be possible to tell from the client.

However, I *think* that version should have TLS 1.0 capability.


I'm not sure from the client, because of these two messages:

Could not initialize the browser's security component. The most likely cause is problems with files in your browser's profile directory. Please check that this directory has no read/write restrictions and your hard disk is not full or close to full. It is recommended that you exit the browser and fix the problem. If you continue to use this browser session, you might see incorrect browser behaviour when accessing security features.

SeaMonkey can't connect securely to ssl.gstatic.com because the SSL protocol has been disabled.

TLS and SSL3 are set to enabled.

I've installed SSL1 on the system, also as a heads up to everyone with a hobbyist license: There are a LOT of patches missing from the HPE site, and the psci patch is outdated (should be V0400) and will prevent you from installing the V1000 update that. I've let the HPE people know about this but if they don't get around to it or you don't have the current password to the FTP, you can get what you need here: http://mirrors.pdp-11.ru/_alpha/_VMS/Op ... 4_Updates/

SSL1 requires VMS84A_PCSI-V0400 and VMS84A_UPDATE-V1000, the first can only be found at that link for the time being and the other is on the HPE FTP, but can't be installed without the pcsi update. You'd think they'd check that...

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Mon Oct 02, 2017 8:53 am
by bifo
I've also noticed this error message in the terminal window that starts CSWB: LoadPlugin: failed to initialize shared library /sys$common/cswb/plugins/libjavaplugin_oji.so [OpenVMS status is decimal 540

Would reinstalling CSWB potentially fix these issues?

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Mon Oct 02, 2017 1:24 pm
by bifo
I set up a test account to see if it was actually a system issue and it doesn't throw the errors. Not really sure how that happens, but I'll chalk it up to some gremlins I guess and just use the new one with operator privileges

Re: SSL deactivated in Seamonkey 1.1-12 VMS

Posted: Mon Oct 02, 2017 6:58 pm
by ClassicHasClass
Of course, the other problem you'll have is most sites using SHA-256 certificates now (and SNI, etc.). I had to hack that support into Classilla, which is ultimately based on Mozilla 1.3.1.