Hello - after upgrading from SLED 15 to 15SP1 my Google (gnome online account) gmail stopped working and I also have problems to one other IMAP server using TLS. In evolution I get ‘The reported error was âError reading data from TLS socket: The specified session has been invalidated for some reason.â’ and for the Google account I get “Error writing data to TLS socket: The specified session has been invalidated for some reason.” from gnome-calendar.
From googling around this seems to be related to a libgnutls. Will there be an update soon for 15SP1 or is it caused by something else?
gnutls-cli -p 993 imap.gmail.com
Processed 548 CA certificate(s).
Resolving ‘imap.gmail.com:993’…
Connecting to ‘209.85.233.108:993’…
-
Certificate type: X.509
-
Got a certificate list of 2 certificates.
-
Certificate[0] info:
-
subject
CN=imap.gmail.com,O=Google LLC,L=Mountain View,ST=California,C=US', issuerCN=Google Internet Authority G3,O=Google Trust Services,C=US’, serial 0x3af82e3b6f2255b3e63136da668e3026, RSA key 2048 bits, signed using RSA-SHA256, activated2019-06-11 12:31:43 UTC', expires2019-09-03 12:20:00 UTC’, pin-sha256="+MF2ooNXnzi8ZJepkh3ddbyBo0NRYYezX9KyXtH0dnw="
Public Key ID:
sha1:058718ebc21de801f6068d5234ba2cfafa1144f9
sha256:f8c176a283579f38bc6497a9921ddd75bc81a343516187b35fd2b25ed1f4767c
Public Key PIN:
pin-sha256:+MF2ooNXnzi8ZJepkh3ddbyBo0NRYYezX9KyXtH0dnw= -
Certificate[1] info:
-
subject
CN=Google Internet Authority G3,O=Google Trust Services,C=US', issuerCN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2’, serial 0x01e3a9301cfc7206383f9a531d, RSA key 2048 bits, signed using RSA-SHA256, activated2017-06-15 00:00:42 UTC', expires2021-12-15 00:00:42 UTC’, pin-sha256=“f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78=” -
Status: The certificate is trusted.
-
Description: (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
-
Options:
-
Handshake was completed
-
Simple Client Mode:
- OK Gimap ready for requests from 78.70.163.37 h7mb74586847ljc
^C
gnutls-cli -p 993 imap.googlemail.com
Processed 548 CA certificate(s).
Resolving ‘imap.googlemail.com:993’…
Connecting to ‘64.233.164.16:993’…
-
Certificate type: X.509
-
Got a certificate list of 2 certificates.
-
Certificate[0] info:
-
subject
CN=imap.googlemail.com,O=Google LLC,L=Mountain View,ST=California,C=US', issuerCN=Google Internet Authority G3,O=Google Trust Services,C=US’, serial 0x286453ec69b1535f69e79f9c888bf0ea, RSA key 2048 bits, signed using RSA-SHA256, activated2019-06-11 12:43:45 UTC', expires2019-09-03 12:21:00 UTC’, pin-sha256=“iR3ZwB//XAM33O7Yb+YXyBtIN6HSukyBlwQG7wALDYY=”
Public Key ID:
sha1:7a12154d06db62488031a7bc23a25d0983521f10
sha256:891dd9c01fff5c0337dceed86fe617c81b4837a1d2ba4c81970406ef000b0d86
Public Key PIN:
pin-sha256:iR3ZwB//XAM33O7Yb+YXyBtIN6HSukyBlwQG7wALDYY= -
Certificate[1] info:
-
subject
CN=Google Internet Authority G3,O=Google Trust Services,C=US', issuerCN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R2’, serial 0x01e3a9301cfc7206383f9a531d, RSA key 2048 bits, signed using RSA-SHA256, activated2017-06-15 00:00:42 UTC', expires2021-12-15 00:00:42 UTC’, pin-sha256=“f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78=” -
Status: The certificate is trusted.
-
Description: (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
-
Options:
-
Handshake was completed
-
Simple Client Mode:
- OK Gimap ready for requests from 78.70.163.37 t26mb75031058ltd
^C