Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unrecognized_name alert in TLS handshake #8074

Closed
cyberduck opened this issue Jul 4, 2014 · 5 comments
Closed

unrecognized_name alert in TLS handshake #8074

cyberduck opened this issue Jul 4, 2014 · 5 comments
Assignees
@dkocher
Labels
bug thirdparty Issue caused by third party webdav WebDAV Protocol Implementation

Comments

@cyberduck
Copy link
Collaborator

b9585c5 created the issue

I am using the latest Cyberduck (4.5 / 14875).
I try to connect to WebDAV HTTP/SSL server (configred with SSL and VirtualHosts)

The credentials and URI are correct (Work in native windows7 WebDAV client )

I am unable to connect.

I receive the following message: handshake alert: unrecognized_name

In the the Apache server logs I noticed this:
Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
@cyberduck
Copy link
Collaborator Author

@dkocher commented

This is a configuration issue with Apache HTTPD. Duplicate for #7908.

@cyberduck
Copy link
Collaborator Author

b9585c5 commented

The SNI is enabled be default

the logs are clear:
Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

What Java version is used in recent Cyberduck ?

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Replying to [comment:3 marek salwerowicz]:

The SNI is enabled be default

the logs are clear:
Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

We support server name indication for TLS in Cyberduck. That's why the error is received if the virtual host does not match the common name in the certificate.

@cyberduck
Copy link
Collaborator Author

b9585c5 commented

Replying to [comment:4 dkocher]:

We support server name indication for TLS in Cyberduck. That's why the error is received if the virtual host does not match the common name in the certificate.

How about the case when certificate is for wildcard (eg. "*.example.org" )
and virtual hosts are "site1.example.org" , "site2.example.org", etc... ?

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Replying to [comment:5 marek salwerowicz]:

Replying to [comment:4 dkocher]:

We support server name indication for TLS in Cyberduck. That's why the error is received if the virtual host does not match the common name in the certificate.

How about the case when certificate is for wildcard (eg. "*.example.org" )
and virtual hosts are "site1.example.org" , "site2.example.org", etc... ?

That will work. See also my comments in #8199.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@dkocher dkocher

Labels
bug thirdparty Issue caused by third party webdav WebDAV Protocol Implementation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dkocher @cyberduck