Hughesnet Community

SSL Failures via Hughesnet

cancel
Showing results for 
Search instead for 
Did you mean: 
gsereno
New Member

SSL Failures via Hughesnet

Below is the output of the openssl command when utilizing first Hughes net and then utilizing Verizon from the same computer.  Please notice the failure on the openssl command when going through Hughesnet and the completion through Verizon.  Hughesnet support has not been able to resolve this issue.

 

Hughesnet:

 

openssl s_client -connect webmail.earthlink.net:443
CONNECTED(00000003)
write:errno=54
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 308 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1508885746
Timeout : 300 (sec)
Verify return code: 0 (ok)

 

Verizon:

openssl s_client -connect webmail.earthlink.net:443
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
verify return:1
depth=0 C = US, postalCode = 30309, ST = Georgia, L = Atlanta, street = 1375 Peachtree ST, O = EarthLink Inc., OU = EIS, OU = Issued through EarthLink Inc. E-PKI Manager, OU = InstantSSL Pro, CN = webmail.earthlink.net
verify return:1
---
Certificate chain
0 s:/C=US/postalCode=30309/ST=Georgia/L=Atlanta/street=1375 Peachtree ST/O=EarthLink Inc./OU=EIS/OU=Issued through EarthLink Inc. E-PKI Manager/OU=InstantSSL Pro/CN=webmail.earthlink.net
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgIRALIWiJKZ9dKcMW6HdSqswUkwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTUxMDE1MDAwMDAwWhcNMTgxMDE0MjM1OTU5WjCB8zELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTMwMzA5MRAwDgYDVQQIEwdHZW9yZ2lhMRAwDgYD
VQQHEwdBdGxhbnRhMRowGAYDVQQJExExMzc1IFBlYWNodHJlZSBTVDEXMBUGA1UE
ChMORWFydGhMaW5rIEluYy4xDDAKBgNVBAsTA0VJUzE0MDIGA1UECxMrSXNzdWVk
IHRocm91Z2ggRWFydGhMaW5rIEluYy4gRS1QS0kgTWFuYWdlcjEXMBUGA1UECxMO
SW5zdGFudFNTTCBQcm8xHjAcBgNVBAMTFXdlYm1haWwuZWFydGhsaW5rLm5ldDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/ax5UodXV3UXEr0Y+umEqS
CNdwSykfOnqupj91ORmyzEsIa1JEoMSWdzIngrt6kibu43htKjRq23GV5BWAuvMP
lwYy4axI4p8yAGCK6rX+IqaAeNuQkypijN5N/2XKjvlYlY8tm85htRcdxA5M9wYK
YNjyKPUdG18IecSPl/I7aCzrHbX5BV3v/2SEWnSokicoEKaW3wT/ATob7fQpz+Kc
lz/aEX4ZyuZ47iu/Sa5JObAOdNrkPe5kJnzZrsyNN9/ItAIBW2x760EfmPy5lIse
zktLOdc2IQ55FErZ6jOtrHLaHHLgkNE29koiusj2N1NQ9IBRrMQ++JZVCSR8ALUC
AwEAAaOCAfowggH2MB8GA1UdIwQYMBaAFJrzK9rPrU+2L7sqSEgqErcbQsEkMB0G
A1UdDgQWBBSuYdpfwsiZQoXnpo8tG/oN2Wm+ODAOBgNVHQ8BAf8EBAMCBaAwDAYD
VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwUAYDVR0g
BEkwRzA7BgwrBgEEAbIxAQIBAwQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0
dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlk
YXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBVBggrBgEF
BQcwAoZJaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0
aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0
cDovL29jc3AuY29tb2RvY2EuY29tMDsGA1UdEQQ0MDKCFXdlYm1haWwuZWFydGhs
aW5rLm5ldIIZd3d3LndlYm1haWwuZWFydGhsaW5rLm5ldDANBgkqhkiG9w0BAQsF
AAOCAQEAnnHa2Y83D++DJPnm5+WOH7PJ3/w4GYB3rPhC+KQ8DxvRWGzyy4ZNDuJC
mvJXfahrjPIhz6rp2l605vptodB9W3xPRia9cfwRoptxdt3Z3ESJ8aaKmbByTwrf
4yjRBZIm398wopjBpBWlz4NvuYIYnWH/LYYVMOXuriqDpbNYoNfh13tRkj7hXTTC
U2kYxk3pPRgBGgGDw4n8taWoiXhNE8W48A4T548zPp/9gfs685wPRCPHVJhq3aAC
sXcYt3l/cqtnXmcooRB8PwvWkHUkkjBsTTuhEfqoaaJYg5iJPYNgxJkfqT3r/1kl
fbgT4BNln9EyYk91XFgzd+Sn3OKCJQ==
-----END CERTIFICATE-----
subject=/C=US/postalCode=30309/ST=Georgia/L=Atlanta/street=1375 Peachtree ST/O=EarthLink Inc./OU=EIS/OU=Issued through EarthLink Inc. E-PKI Manager/OU=InstantSSL Pro/CN=webmail.earthlink.net
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 4719 bytes and written 666 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : AES256-SHA256
Session-ID: 93F15B27D23C21ECFC44BE7AE93036419732742203D4472B985F5E7CFD9E4BCD
Session-ID-ctx:
Master-Key: AD4219D49F040A404F31F761D992571659EF16FC72ACBD99DDE8C95E8F98D7B3349FF64B5D568BA7C9D3D437233E9809
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1508885807
Timeout : 300 (sec)
Verify return code: 0 (ok

3 REPLIES 3
Amanda
Moderator

Hi gsereno

 

Welcome to our community!

 

I wonder if this is being caused by our Wi-Fi Modem's built-in firewall... Can you do a portscan for the domain you are trying to reach? We only have one closed port on our network, which is 25.

 

~Amanda

@gsereno have you tried turning off web acceleration?  Curious if hughesnet proxy is causing the issue.

Hi gsereno

 

Haven't heard from you lately - is this still an issue?

 

~Amanda