Thread: decryption failed or bad record mac
View Single Post

  #2  
Old 08-25-2008, 12:22 PM
Default Re: decryption failed or bad record mac
Please test against 0.9.8h; 0.9.8a is nearly 3 years old at this point.

-Kyle H

On Mon, Aug 25, 2008 at 8:55 AM, firelight wrote:
>
> Openssl version: 0.9.8a
> Objective: secure FTP (SFTP) w/o pasv
>
> Everything works with self signed cert if client that is going to connect is
> located ONLY on the same subnet.
>
> If I try to connect a client to the server from outside the subnet, ie.
> internet client user, I get a "decryption failed or bad record mac" error.
>
> Scenario:
> client (public ip) tries to connect to server (non-route able ip on DMZ with
> public IP forwarded). Won't work.
> client (non-route able ip on DMZ) tries to connect to server. Does work.
>
> Is there a mechanism inside OpenSSL that doesn't allow cert pass through if
> client isn't on the same subnet? Is this a bug?
> --
> View this message in context: http://www.nabble.com/decryption-fai...p19146541.html
> Sent from the OpenSSL - User mailing list archive at Nabble.com.
>
> __________________________________________________ ____________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majordomo@openssl.org
>
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org

Reply With Quote