• What does the error message mean?

    From Dnews@dnews@triffid.co.uk to comp.sys.acorn.networking on Fri Jun 5 18:49:04 2026
    From Newsgroup: comp.sys.acorn.networking

    Please!
    Suddenly today I'm getting an error message when Hermes tries to login to Google to post or retrieve mail.

    I've done a grab of the error pane and put it upline at...

    https://www.triffid.co.uk/dstuff/GError.jpg

    I have no idea why?

    Thanks
    Dave

    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Bob Latham@bob@sick-of-spam.invalid to comp.sys.acorn.networking on Fri Jun 5 19:19:14 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <5ce44a2042dnews@triffid.co.uk>,
    Dnews <dnews@triffid.co.uk> wrote:
    Please!
    Suddenly today I'm getting an error message when Hermes tries to login to Google to post or retrieve mail.

    I've done a grab of the error pane and put it upline at...

    https://www.triffid.co.uk/dstuff/GError.jpg

    I have no idea why?

    I'm not alone then.

    I think you need one or two security files updating, specifically

    HardDisc4.!Boot.Resources.!Internet.files.CertData

    and

    HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL


    These are available from the nightly builds here.. https://www.riscosopen.org/content/downloads/common

    Or direct from here..

    https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip

    Cheers,

    Bob.

    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Dnews@dnews@triffid.co.uk to comp.sys.acorn.networking on Fri Jun 5 20:32:42 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <5ce44ce34abob@sick-of-spam.invalid>,
    Bob Latham <bob@sick-of-spam.invalid> wrote:
    In article <5ce44a2042dnews@triffid.co.uk>,
    Dnews <dnews@triffid.co.uk> wrote:
    Please! Suddenly today I'm getting an error message when Hermes tries
    to login to Google to post or retrieve mail.

    I've done a grab of the error pane and put it upline at...

    https://www.triffid.co.uk/dstuff/GError.jpg

    I have no idea why?

    I'm not alone then.

    I think you need one or two security files updating, specifically

    HardDisc4.!Boot.Resources.!Internet.files.CertData

    and

    HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL


    I have the above, and earlier today I updated the CertData.
    Recently I did it again and the message was. "CertData is already up to
    date.

    My AcornSSL 1.07 28th March 2025, I've now installed 1.09 23 May 2026.

    Unfortunately the problem remains. (Yes I have rebooted RISC OS after
    changing the SSL to 1.09).

    These are available from the nightly builds here.. https://www.riscosopen.org/content/downloads/common

    Or direct from here..

    https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip

    Cheers,
    Bob.

    Thanks for the thoughts Bob, appreciated.
    Dave

    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Bob Latham@bob@sick-of-spam.invalid to comp.sys.acorn.networking on Fri Jun 5 20:42:44 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <5ce4539d59dnews@triffid.co.uk>,
    Dnews <dnews@triffid.co.uk> wrote:
    In article <5ce44ce34abob@sick-of-spam.invalid>,
    Bob Latham <bob@sick-of-spam.invalid> wrote:
    In article <5ce44a2042dnews@triffid.co.uk>,
    Dnews <dnews@triffid.co.uk> wrote:
    Please! Suddenly today I'm getting an error message when Hermes tries
    to login to Google to post or retrieve mail.

    I've done a grab of the error pane and put it upline at...

    https://www.triffid.co.uk/dstuff/GError.jpg

    I have no idea why?

    I'm not alone then.

    I think you need one or two security files updating, specifically

    HardDisc4.!Boot.Resources.!Internet.files.CertData

    and

    HardDisc4.!Boot.Resources.!System.350.Modules.Network.URL.AcornSSL


    I have the above, and earlier today I updated the CertData.
    Recently I did it again and the message was. "CertData is already
    up to date.

    My AcornSSL 1.07 28th March 2025, I've now installed 1.09 23 May
    2026.

    Unfortunately the problem remains. (Yes I have rebooted RISC OS
    after changing the SSL to 1.09).

    These are available from the nightly builds here.. https://www.riscosopen.org/content/downloads/common

    Or direct from here..

    https://www.riscosopen.org/zipfiles/platform/common/HardDisc4.zip

    Since I posted that info I found that I could no longer access Virgin
    email accounts. I thought the SSL module the likely culprit and
    dropped back to 1.07 28 Mar 2025. I now have access again so I
    suspect that 1.09 module is 'bost' as we say in the Black Country.

    No idea how to report that.

    However, for whatever reason, certificate error (same as yours) has
    stopped (for now).

    Bob.

    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Martin@News04@avisoft.f9.co.uk to comp.sys.acorn.networking on Fri Jun 5 21:01:04 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <5ce45483bdbob@sick-of-spam.invalid>,
    Bob Latham <bob@sick-of-spam.invalid> wrote:
    Since I posted that info I found that I could no longer access
    Virgin email accounts. I thought the SSL module the likely culprit
    and dropped back to 1.07 28 Mar 2025. I now have access again so I
    suspect that 1.09 module is 'bost' as we say in the Black Country.

    No idea how to report that.

    I would suggest raising it on the ROOL forums - much more likely to be
    noticed by those who know about these things than here.

    I am using AcoenSSL 1.09 (23 May 2026) mbedTLS 3.6.6 here without
    problem, but I do not use Google or Virgin email
    --
    Martin Avison
    Note that unfortunately this email address will become invalid
    without notice if (when) any spam is received.
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Bob Latham@bob@sick-of-spam.invalid to comp.sys.acorn.networking on Sat Jun 6 11:22:24 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <5ce456364eNews04@avisoft.f9.co.uk>,
    Martin <News04@avisoft.f9.co.uk> wrote:

    I would suggest raising it on the ROOL forums - much more likely to
    be noticed by those who know about these things than here.

    I have attempted to do that.

    Bob.

    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Martin@News04@avisoft.f9.co.uk to comp.sys.acorn.networking on Sat Jun 6 12:47:56 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <5ce4a511cabob@sick-of-spam.invalid>,
    Bob Latham <bob@sick-of-spam.invalid> wrote:
    In article <5ce456364eNews04@avisoft.f9.co.uk>,
    Martin <News04@avisoft.f9.co.uk> wrote:

    I would suggest raising it on the ROOL forums - much more likely
    to be noticed by those who know about these things than here.

    I have attempted to do that.

    And it worked ... but please see further comments there.
    --
    Martin Avison
    Note that unfortunately this email address will become invalid
    without notice if (when) any spam is received.
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Doug Webb@doug.j.webb@btinternet.com to comp.sys.acorn.networking on Sat Jun 6 14:23:15 2026
    From Newsgroup: comp.sys.acorn.networking

    In message <5ce44ce34abob@sick-of-spam.invalid>
    Bob Latham <bob@sick-of-spam.invalid> wrote:

    In article <5ce44a2042dnews@triffid.co.uk>,
    Dnews <dnews@triffid.co.uk> wrote:
    Please!
    Suddenly today I'm getting an error message when Hermes tries to login to
    Google to post or retrieve mail.

    I've done a grab of the error pane and put it upline at...

    https://www.triffid.co.uk/dstuff/GError.jpg

    I have no idea why?

    I'm not alone then.

    I've not been around for a bit so only just saw this and the ROOL thread.

    Basically later AcornSSL modules have TLS1.3 enabled and the google
    systems once seeing that the client has this are a lot stricter.

    In essence if you enable the higher level of logging then you will see
    that it says "No SNI, Server Name Indication, provided".

    I did some testing with Rob Sprowson last year and also with RComp for
    Hermes.

    It seems Google have taken the specification and literally said well if
    its TLS1.3 then you must implement it and hence you get the invalid issued

    by and to fields.

    Hermes doesn't know what SNI to respond to in the version supplied with
    and up to NetFetch 6.00.

    The beta test software I was testing for RComp partially fixes the issue
    but still needs an initial "accept or accept all" click

    https://github.com/openssl/openssl/wiki/TLS1.3
    --
    Experience the future using ARM Technology - ARMBook,BeagleBoard -xM, PandaBoard,Raspberry Pi,iMX6/ARMX6,IGEPv5 & Titanium powered by RISC OS
    5.28.
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From Dnews@dnews@triffid.co.uk to comp.sys.acorn.networking on Sat Jun 6 15:45:37 2026
    From Newsgroup: comp.sys.acorn.networking

    In article <60a0b5e45c.dougjwebb@btinternet.com>,
    Doug Webb <doug.j.webb@btinternet.com> wrote:

    [Snip]

    I've not been around for a bit so only just saw this and the ROOL thread.

    Basically later AcornSSL modules have TLS1.3 enabled and the google
    systems once seeing that the client has this are a lot stricter.

    In essence if you enable the higher level of logging then you will see
    that it says "No SNI, Server Name Indication, provided".

    I did some testing with Rob Sprowson last year and also with RComp for Hermes.

    It seems Google have taken the specification and literally said well if
    its TLS1.3 then you must implement it and hence you get the invalid
    issued

    by and to fields.

    Hermes doesn't know what SNI to respond to in the version supplied with
    and up to NetFetch 6.00.

    The beta test software I was testing for RComp partially fixes the issue
    but still needs an initial "accept or accept all" click

    https://github.com/openssl/openssl/wiki/TLS1.3


    Aha, I see, and interestingly sometimes if I click "Accept" it'll work,
    but not always. :-/

    Dave

    --- Synchronet 3.22a-Linux NewsLink 1.2