[Cyberduck-trac] [Cyberduck] #7344: WebDAV over HTTPS issue

Cyberduck trac at trac.cyberduck.ch
Fri Jul 12 12:25:33 UTC 2013 

#7344: WebDAV over HTTPS issue
-----------------------+----------------------
 Reporter:  wwwpixime  |         Owner:
     Type:  defect     |        Status:  new
 Priority:  normal     |     Milestone:
Component:  core       |       Version:  4.3.1
 Severity:  normal     |    Resolution:
 Keywords:             |  Architecture:
 Platform:             |
-----------------------+----------------------
Description changed by wwwpixime:

Old description:

> Here's my Apache/2.4.4 (FreeBSD) OpenSSL/1.0.1e configuration:
>

> {{{
> SSLProtocol -SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
> SSLCipherSuite ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-
> AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA
>
> }}}
>
> here's the target WebDAV/S resource:
>

> {{{
> URL: http://teban.pixi.me
> Remote Path: /w/webdav/
> Username: webdav
> Password: webdav
> }}}
>
> When I attempt to connect, I get the following error from Cyberduck 4.3.1
>
> {{{
>
>  I/O Error: Connection failed, Received fatal alert: handshake_failure.
> }}}
>
> So my questions are as follows:
>
> 1. is SSLv3 a requirement for Cyberduck to connect with an HTTPS
> endpoint?
> 2. does it / will it support ECHDE ciphersuites alongside TLSv1-1.2
> protocols?
>
> Please advise, thank you!

New description:

 Here's my Apache/2.4.4 (FreeBSD) OpenSSL/1.0.1e configuration:


 {{{
 SSLProtocol -SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
 SSLCipherSuite ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-
 AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA

 }}}

 here's the target WebDAV/S resource:


 {{{
 URL: https://teban.pixi.me
 Remote Path: /w/webdav/
 Username: webdav
 Password: webdav
 }}}

 When I attempt to connect, I get the following error from Cyberduck 4.3.1

 {{{

  I/O Error: Connection failed, Received fatal alert: handshake_failure.
 }}}

 So my questions are as follows:

 1. is SSLv3 a requirement for Cyberduck to connect with an HTTPS endpoint?
 2. does it / will it support ECHDE ciphersuites alongside TLSv1-1.2
 protocols?

 Please advise, thank you!

--

-- 
Ticket URL: <https://trac.cyberduck.ch/ticket/7344#comment:1>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.

More information about the Cyberduck-trac mailing list