I/O Error: Connection failed - SSL

[craig]

Just setting up another computer to connect to a local FTP service.

When connecting with plain text username/password, it connects fine... and when I initially tried connecting with FTPS (FTP over SSL), it also worked fine... but a few days later, it threw the following error:

I/O Error: Connection failed
ftps://...
Unable to initalize, java.io.IOException: DerInputStream.getLenth(): lengthTag=63, too big.

NOTE: This was written as I saw it, so typos might exist - not sure why I could not select the text to copy/paste.

This also had the transcript:

220 Welcome to my FTP service.
AUTH TLS
234 Proceed with negotiation.
PBSZ 0

I have been able to connect with two other computers just fine, and going back to plain text FTP is also fine.

I have wondered if the SSL certificate might have errors in the keychain, but cannot seem to find it in there - unlike the other computers.

[craig]

Not sure if this is of any value though... when I originally connected, it was done from a wireless internet connection to the server on the local network... and this issue appeared later, when connecting though a 3G card.

So one possibility is that the mobile phone network, here in the UK, is perhaps using some kind of firewall, which needs to see the ports being used.

Although I thought the additional (data) ports where used later in the sequence - i.e. after login.

Unfortunately it might be a little while before I can re-test to see if the issue happens while on the local wireless network.

[craig]

Ok, just to confirm, the issue does appear to be when using a 3G connection... wireless/wired connections seem fine, it might also be fine from other connections.

Do you know what could cause this?

I'm still not convinced that it would be a firewall on their network, as I am fairly sure its effects only come into play when opening additional ports, after login.

[dkocher]

It looks like someone in the middle is tampering the SSL stream. Must be an issue with your 3G provider.