Cyberduck Mountain Duck CLI

#1282 closed defect (wontfix)

I/O Error: Connection failed - SSL

Reported by: craig Owned by: dkocher
Priority: normal Milestone:
Component: core Version: 2.8
Severity: normal Keywords:
Cc: Architecture:


Just setting up another computer to connect to a local FTP service.

When connecting with plain text username/password, it connects fine... and when I initially tried connecting with FTPS (FTP over SSL), it also worked fine... but a few days later, it threw the following error:

I/O Error: Connection failed
Unable to initalize, DerInputStream.getLenth(): lengthTag=63, too big.

NOTE: This was written as I saw it, so typos might exist - not sure why I could not select the text to copy/paste.

This also had the transcript:

220 Welcome to my FTP service.
234 Proceed with negotiation.

I have been able to connect with two other computers just fine, and going back to plain text FTP is also fine.

I have wondered if the SSL certificate might have errors in the keychain, but cannot seem to find it in there - unlike the other computers.

Change History (3)

comment:1 Changed on Sep 29, 2007 at 11:32:12 PM by craig

Not sure if this is of any value though... when I originally connected, it was done from a wireless internet connection to the server on the local network... and this issue appeared later, when connecting though a 3G card.

So one possibility is that the mobile phone network, here in the UK, is perhaps using some kind of firewall, which needs to see the ports being used.

Although I thought the additional (data) ports where used later in the sequence - i.e. after login.

Unfortunately it might be a little while before I can re-test to see if the issue happens while on the local wireless network.

comment:2 Changed on Sep 30, 2007 at 11:53:25 AM by craig

Ok, just to confirm, the issue does appear to be when using a 3G connection... wireless/wired connections seem fine, it might also be fine from other connections.

Do you know what could cause this?

I'm still not convinced that it would be a firewall on their network, as I am fairly sure its effects only come into play when opening additional ports, after login.

comment:3 Changed on Oct 18, 2007 at 11:14:41 AM by dkocher

  • Resolution set to wontfix
  • Status changed from new to closed

It looks like someone in the middle is tampering the SSL stream. Must be an issue with your 3G provider.

Note: See TracTickets for help on using tickets.