[Cyberduck-trac] [Cyberduck] #6496: SSL handshake failure fatal alert

Cyberduck trac at trac.cyberduck.ch
Mon Jan 23 19:33:41 CET 2012


#6496: SSL handshake failure fatal alert
---------------------------+---------------------------
 Reporter:  djarsky        |         Owner:  dkocher
     Type:  defect         |        Status:  closed
 Priority:  normal         |     Milestone:
Component:  ftp-tls        |       Version:  4.2.1
 Severity:  normal         |    Resolution:  thirdparty
 Keywords:                 |  Architecture:
 Platform:  Mac OS X 10.7  |
---------------------------+---------------------------
Changes (by dkocher):

 * status:  new => closed
 * resolution:   => thirdparty


Comment:

 Debugging the SSL exchange it shows that we are trying the same
 negotiation connecting either to `ftps://jarsky.com ` to or
 `web1314.ixwebhosting.com `. For `jarsky.com` we receive fatal `TLSv1
 ALERT`.



 {{{
 Allow unsafe renegotiation: false
 Allow legacy hello messages: true
 Is initial handshake: true
 Is secure renegotiation: false
 Allow unsafe renegotiation: false
 Allow legacy hello messages: true
 Is initial handshake: true
 Is secure renegotiation: false
 %% No cached client session
 *** ClientHello, TLSv1
 RandomCookie:  GMT: 1327277494 bytes = { 204, 169, 66, 141, 88, 2, 122,
 224, 177, 72, 10, 235, 150, 135, 109, 217, 203, 77, 129, 44, 200, 232,
 197, 73, 112, 128, 236, 164 }
 Session ID:  {}
 Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
 TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
 TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
 TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
 SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA,
 SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA,
 SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
 SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
 SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
 Compression Methods:  { 0 }
 ***
 background-3, WRITE: TLSv1 Handshake, length = 81
 background-3, READ: TLSv1 Alert, length = 2
 background-3, RECV TLSv1 ALERT:  fatal, handshake_failure
 }}}


 I assume this is a server configuration issue.

-- 
Ticket URL: <http://trac.cyberduck.ch/ticket/6496#comment:6>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.


More information about the Cyberduck-trac mailing list