[Cyberduck-trac] [Cyberduck] #8703: Handshake failure. Unable to negotiate an acceptable set of security parameters.

Cyberduck trac at trac.cyberduck.io
Sat Mar 28 20:53:51 UTC 2015 

#8703: Handshake failure. Unable to negotiate an acceptable set of security
parameters.
---------------------------+---------------------------
 Reporter:  c.sale         |         Owner:  dkocher
     Type:  defect         |        Status:  closed
 Priority:  normal         |     Milestone:  4.7
Component:  ftp-tls        |       Version:  4.6.5
 Severity:  normal         |    Resolution:  worksforme
 Keywords:                 |  Architecture:  Intel
 Platform:  Mac OS X 10.9  |
---------------------------+---------------------------
Changes (by dkocher):

 * status:  new => closed
 * resolution:   => worksforme


Old description:

> I am using Cyberduck 4.6.5 on Mac OSX 10.9.5. When trying to connect to
> webspace.bol.ucla.edu over FTP-SSL (Explicit AUTH TLS), I am getting the
> eror message
>

> {{{
> Handshake failure. Unable to negotiate an acceptable set of security
> parameters.
> }}}
>

> I have tried it a dozen of times; same failure every time. I was able to
> connect on FileZilla after confirming that the certificate authority is
> trusted (Cyberduck did not ask certificate authority question).
>
> The issue resembles Ticket #8277. That ticket was closed as third party
> failure. I don't see any third party failure in my connection attempts
> and other FTP clients work fine.

New description:

 I am using Cyberduck 4.6.5 on Mac OSX 10.9.5. When trying to connect to
 `webspace.bol.ucla.edu` over FTP-SSL (Explicit AUTH TLS), I am getting the
 eror message


 {{{
 Handshake failure. Unable to negotiate an acceptable set of security
 parameters.
 }}}


 I have tried it a dozen of times; same failure every time. I was able to
 connect on FileZilla after confirming that the certificate authority is
 trusted (Cyberduck did not ask certificate authority question).

 The issue resembles Ticket #8277. That ticket was closed as third party
 failure. I don't see any third party failure in my connection attempts and
 other FTP clients work fine.

--

Comment:

 We require the server to support one of `TLSv1.2, TLSv1.1, TLSv1` for
 transport layer security. It looks like the server only supports SSLv2
 which we have disabled for security reasons. Please open a support request
 at `ucla.edu` asking for a configuration change on their server.

-- 
Ticket URL: <https://trac.cyberduck.io/ticket/8703#comment:3>
Cyberduck <http://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list