EldoS | Feel safer!

Software components for data protection, secure storage and transfer


Posted: 10/24/2013 17:53:40
by Ken Ivanov (Team)


So is the 75778 error actually returned to you?

The exception you mentioned in your last post (Server cannot perform SSL/TLS negotiation) is only thrown if the component fails to establish an implicit TLS session. In particular, you will get it if you attempt of implicit connection was performed on explicit or non-SSL port.

Certain peculiar servers only understand a particular version of an SSL protocol, so let's try it in a different way. Please try to limit the set of supported versions with a single TLS1 version and check if it changes anything. If it doesn't, please try to connect with a pair of SSL3 and TLS1 enabled. I suggest you that you perform the experiments with FTPSDemo sample (included to the distribution), which allows you to easily choose different protocol version combinations.
Posted: 10/25/2013 09:37:35
by David Serrano (Basic support level)
Joined: 11/16/2012
Posts: 19

Well, first of all, thanks for your suggestion.
Now, i did the test that you adviced me with FTPS demo client sample, over a implicit FTPS connection. So here are my results (i did the test, checking and uncheking the options "use ssl/tls", "ssl2", "ssl3","tls1","tls1.1", "use implicit ssl"):

use_ssl/tls ssl2 ssl3 tls1 tls1.1 use_implicit_ssl result
1 0 0 0 0 1 Invalid SSL Version

1 0 0 0 1 1 Fatal local error 75784. Server . cannot perform ssl/tls . negotiation

1 0 0 1 0 1 The same error above

1 0 0 1 1 1 The same error above

1 0 1 0 0 1 Server cannot perform ssl/tls . . negotiation

1 0 1 0 1 1 Cannot support SSL 3.0 and TLS . . 1.1 and not support TLS 1.0

1 0 1 1 0 1 Fatal local error 75784. Server . cannot perform ssl/tls . . . . . negotiation

Sorry for that kind of mess, I attached the image from xls file with the total results.

So, the more important conclusion here is: THERE WAS NOT COMBINATION FOR DOING A SUCCESFUL CONNECTION.

What can i do? Why from filezilla the connection is ok?

Posted: 10/25/2013 09:47:50
by Eugene Mayevski (Team)

David, thank you for detailed investigation. Yet it would be much easier for us to solve the problem if you posted the log of successful connection done by FileZilla or WSFTP. Also you can check in those logs, what settings are used by FileZilla or WSFTP with that server.

Sincerely yours
Eugene Mayevski
Posted: 10/25/2013 10:05:35
by David Serrano (Basic support level)
Joined: 11/16/2012
Posts: 19

Well, again thanks for your response.
Now, here it goes, the log from filezilla version 3.7.3:

11:24:02 Status: Connecting to
11:24:02 Status: Connection established, initializing TLS...
11:24:02 Status: Verifying certificate...
11:24:02 Status: TLS/SSL connection established, waiting for welcome message...
11:24:02 Response: 220-Complete FTP server
11:24:02 Response: 220 CompleteFTP v 7.4.0
11:24:02 Command: USER ftpsuser
11:24:02 Response: 331 Password required for ftpsuser
11:24:02 Command: PASS ********
11:24:02 Response: 230 User ftpsuser logged in.
11:24:02 Command: OPTS UTF8 ON
11:24:02 Response: 200 UFT8 enabled.
11:24:02 Command: PBSZ 0
11:24:02 Response: 200 PBSZ 0 successful.
11:24:02 Command: PROT P
11:24:02 Response: 200 PROT P successful.
11:24:02 Status: Connected
11:24:02 Status: Retrieving directory listing...
11:24:02 Command: PWD
11:24:02 Response: 257 "/Home/ftpsuser" is current directory.
11:24:02 Status: Directory listing successful
Posted: 10/25/2013 12:21:02
by Eugene Mayevski (Team)

Well, this doesn't give much. WS_FTP produces much more usable log. I think that it can be a flaw in the server-side SSL/TLS layer, so we might need to reproduce the issue locally. It will take some time to install and test that server. I am moving the topic to the helpdesk.

Sincerely yours
Eugene Mayevski



Topic viewed 5707 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!