How do I enable more handshake ciphers in CFStream? - iphone

When running the method:
CFReadStreamSetProperty(theReadStream, kCFStreamPropertySSLSettings, (CFDictionaryRef)tlsPacket->tlsSettings);
To secure the connection of a CFReadStream, my iPhone client returns the error:
Error Domain=kCFStreamErrorDomainSSL Code=-9824 "Operation could not be completed. (kCFStreamErrorDomainSSL error -9824.)"
and the server sends the error:
ERROR [STDERR] javax.net.ssl.SSLHandshakeException: no cipher suites in common
Is there any way to allow CFReadStream to use additional ciphers during the handshake process?

For anyone else who runs into this problem:
It turns out that the problem was on the server side. If you run into this issue yourself I would urge you to check that the handshake on the server side is working properly.

Related

Does perl-5.16.0-LWP-Protocol-Connect-6.09.tgz support TLS 1.2?

I am kind of new to the Perl world, but my script fails when loaded via SFTP with the error below:
IN SUBROUTINE: CSRF TOKEN DECODED CONTENT:
error while setting up ssl connection (SSL connect attempt failed with unknown error error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) at /home/rcc/perl5/lib/perl5/LWP/Protocol/https/connect/Socket.pm line 23.
Looping through csrf response array, param = [error while setting up ssl connection (SSL connect attempt failed with unknown error error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) at /home/rcc/perl5/lib/perl5/LWP/Protocol/https/connect/Socket.pm line 23.
]
Under the assumption that it's because of TLS deprecation, we upgraded the SSL version, but it still doesn't work. Can someone help us understand how to fix the issue?
Or is there a later version of Perl LWP which can fix the issue by upgrading? Repacking the current package seems to be complex.
Thanks in advance.
The SSL handling is not done directly by LWP::Protocol::connect. Instead it uses IO::Socket::SSL which then uses Net::SSLeay which then uses the linked in OpenSSL library which is not necessarily the one used by the openssl binary. The general capability to use TLS 1.2 depends on the version of OpenSSL which should be at least 1.0.1.
To get the versions of the various parts, use the following code:
use strict;
# Loading IO::Socket::SSL also loads Net::SSLeay
use IO::Socket::SSL;
printf "IO::Socket::SSL %s\n", $IO::Socket::SSL::VERSION;
printf "Net::SSLeay %s\n", $Net::SSLeay::VERSION;
# OpenSSL version Net::SSLeay was compiled against
printf "OpenSSL compiled %x\n", Net::SSLeay::OPENSSL_VERSION_NUMBER();
# OpenSSL library actually linked in at run time
printf "OpenSSL linked %x - %s\n", Net::SSLeay::SSLeay(),
    Net::SSLeay::SSLeay_version(0);
... SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Note that a TLS handshake problem can have lots of different reasons and an unsupported TLS protocol version is just one of many. No shared ciphers is another common problem at this stage of the connection.
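To read the hex values printed by the version snippet in the answer above, here is an added example (not part of the original answer) that decodes OPENSSL_VERSION_NUMBER and applies the 1.0.1 threshold for TLS 1.2. The function names and the sample hex strings are constructed for illustration.

```perl
use strict;
use warnings;

# Decode an OPENSSL_VERSION_NUMBER (the value printed with %x above).
# Layout before OpenSSL 3.0: 0xMNNFFPPS; from 3.0 on: 0xMNN00PP0.
sub decode_openssl_version {
    my ($v) = @_;
    my $major = ($v >> 28) & 0xf;
    my $minor = ($v >> 20) & 0xff;
    my $patch = ($v >> 4)  & 0xff;
    return sprintf('%d.%d.%d', $major, $minor, $patch) if $major >= 3;

    my $fix = ($v >> 12) & 0xff;
    # Patch level maps to a letter suffix: 1 => a ... 26 => z, 27 => za ...
    my $suffix = $patch == 0  ? ''
               : $patch <= 26 ? chr(ord('a') + $patch - 1)
               :                'z' . chr(ord('a') + $patch - 27);
    return sprintf('%d.%d.%d%s', $major, $minor, $fix, $suffix);
}

# TLS 1.2 needs OpenSSL 1.0.1 or later (0x10001000 is the lowest 1.0.1 value).
sub supports_tls12 { my ($v) = @_; return $v >= 0x10001000 ? 1 : 0 }

# Takes the two hex strings from the "compiled" and "linked" output lines.
sub report {
    my ($compiled_hex, $linked_hex) = @_;
    my ($compiled, $linked) = (hex($compiled_hex), hex($linked_hex));
    my @lines = (
        sprintf('compiled against %s, linked to %s',
                decode_openssl_version($compiled), decode_openssl_version($linked)),
        sprintf('TLS 1.2 available at run time: %s',
                supports_tls12($linked) ? 'yes' : 'no'),
    );
    # Compare everything above the patch bits (major, minor, fix).
    push @lines, 'note: build-time and run-time OpenSSL releases differ'
        if ($compiled >> 12) != ($linked >> 12);
    return @lines;
}

# Constructed sample values, not output from any system on this page.
for my $pair (['1000105f', '1000105f'], ['1000105f', '009080ef'], ['30000020', '30000020']) {
    print "$_\n" for report(@$pair);
    print "\n";
}
```

The run-time ("linked") value is the one that decides protocol support, since that is the library the handshake actually uses.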

"Volley" Error: java.net.SocketException: recvfrom failed: ECONNRESET (Connection reset by peer)

This is not a duplicate question, because I did not find anything about this error with "volley".
My problem happens when the connection is very slow, one of my services returns this error:
VolleyError={NoConnectionError#5719}"com.android.volley.NoConnectionError: java.net.SocketException: recvfrom failed: ECONNRESET (Connection reset by peer)
VolleyError.networkResponse.data=java.lang.NullPointerException
VolleyError.networkResponse.statusCode=java.lang.NullPointerException
VolleyError.networkResponse=null
I have searched a lot, and found this:
System.setProperty("http.keepAlive","false");
but I don't know if that is right.
This may help you: android-volley-econnreset
Also, in my case the problem was on the server side and the proxy; after enabling a VPN proxy, the problem was resolved.
Check out the server side.

Fiddler 2 error: SecureClientPipeDirect failed: System.IO.IOException Unable to read data from the transport connection

I am trying to decrypt the HTTPS traffic with Fiddler2, which has just been upgraded.
What is the problem that causes this error?
17:27:45:6821 !SecureClientPipeDirect failed: System.IO.IOException Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. < A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond on pipe to (CN=192.168.0.100, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com)
Thanks
The error message indicates that the client failed to complete the HTTPS handshake. What was the client? This message typically indicates that the client isn't configured to trust Fiddler's Root Certificate.
What, if any, other messages are shown on the Log tab?

APNS Handshake Failure from Scala

I'm trying to send a push notification to an Apple device (iPhone) using Scala and Notnoop APNS, but when I ran this code:
import com.notnoop.apns._
val service = APNS.newService().withCert("certfile.p12", "passphrase").withAppleDestination(true).build()
service.start()
val payload = APNS.newPayload().alertBody("nomnomnom").sound("default")
service.push("deviceToken", payload.build())
service.stop()
I always get stuck on this SSL handshake error:
Thread-20, handling exception: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Based on this question, I may have an invalid certificate, but I'm sure this certificate works, because using this PHP sample, I can send a push notification correctly.
Any idea where my process has gone wrong?

NSURLRequest HTTPS problems - iphone

I am creating an NSURLMutableRequest and setting HTTP methods and content-types and such. All was working fine until my last compile. I now get this in the Console, but the app doesn't crash:
CODE:
Internal error.
Exception from other package:
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
and then the program continues. Code can be posted if you need it. The URL I am contacting is:
https://apps.quickbooks.com/j/AppGateway
This is VERISIGN not some Joe Blow make-your-own SSL cert.
Thanks guys!
Should have researched. QBOE XML processor is down.