EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Connection failed (error code is 75797)

Posted: 05/31/2013 16:00:49
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

I'm evaluating WebDAVBlackbox and testing an https connection with the WebDavClient_VS2012 sample project. The very first time I run it and login, I see the root WebDAV folder, however accessing that folder and each time after I get the following error at "WebDavClient.List(ObjList);"

Connection failed (error code is 75797)

followed by

Connection error 96258 (error code is 96258)

The code works fine with http.

Any ideas where I can start looking?
Posted: 05/31/2013 16:14:50
by Ken Ivanov (Team)

Thank you for contacting us.

Error 75797 is an SSL error (namely, ERROR_SSL_INTERNAL_ERROR), which is reported if SSL/TLS conversation goes wrong for unexpected reason. Could you please capture a call stack inside the DoError() event handler and post it here?
Posted: 05/31/2013 17:27:49
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

Attached, please let me know if you need more info.

[ Download ]
Posted: 05/31/2013 19:27:51
by Ken Ivanov (Team)

Thank you. According to the stack trace, it's the server side where the error comes from. Apparently, the server does not like something in the session parameters. Please try to adjust the following properties of the TElHTTPSWebDAVClient object before connecting to the server:

1. Tune up SSL versions:

HTTPSClient.Versions = SBSSLConstants.Unit.sbSSL3 | SBSSLConstants.Unit.sbTLS1;

2. Restrict the cipher suite set:

for (int i = SBSSLConstants.Unit.SB_SUITE_FIRST; i <= SBSSLConstants.Unit.SB_SUITE_LAST; i++)
    HTTPSClient.set_CipherSuites(i, false);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_RC4_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_DES_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_3DES_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_AES128_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_DHE_RSA_3DES_SHA, true);

3. Turn off SSL session resumption:

HTTPSClient.UseSSLSessionResumption = false;

If this doesn't help, please check whether OnCertificateValidate event is fired when you attempt to access the folder (there's already a method that handles it in the code, you only have to put a breakpoint there). This will let us know on what connection stage the server comes up with the error.
Posted: 05/31/2013 20:11:27
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

I tried adjusting the properties with no luck. The OnCertificateValidate event does fire.
If I wait a while and connect I will see the root directory, but then either accessing a folder/file or logging in a second time will throw the error. I also captured the network traffic and see this,

TLSv1 Record Layer: Encrypted Alert
Content Type: Alert (21)
Version: TLS 1.0 (0x0301)
Posted: 06/01/2013 14:06:04
by Ken Ivanov (Team)

Thank you very much for checking. This means that my original assumption was wrong. Still, I suggest that we proceed with the restricted configuration for a while just to exclude compatibility issues. Two questions to follow:

1) Did you have a chance to check if other (third-party) WebDAV clients do work correctly with the server?

2) Could you please now switch HTTPSClient.UseSSLSessionResumption to true and check if it changes anything?
Posted: 06/01/2013 14:44:35
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

Yes, I tested with BitKinex and it worked fine. I switched UseSSLSessionResumption to true and makes no difference.
Posted: 06/01/2013 16:35:11
by Eugene Mayevski (Team)

Is there a chance for us to have access to that server for testing? If yes, we'll move the question to HelpDesk (private support channel) where you can provide the information we might need to access the server. This will let us experiment with the server and try to find the reason rather quickly. Without access it would be hard to guess, what exactly the server might not like.

Sincerely yours
Eugene Mayevski
Posted: 06/01/2013 16:55:30
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

Sure, lets do that.
Posted: 06/01/2013 17:03:19
by Eugene Mayevski (Team)

Thank you, I've moved the question to the helpdesk. I think we'll have a chance to reproduce the problem tomorrow evening or on Monday (I'll try to look at it tomorrow).

Sincerely yours
Eugene Mayevski



Topic viewed 1920 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!