XMPP Handshake Failing

J Kephart jkephart at safetynetaccess.com
Tue Jul 14 15:34:08 EDT 2015


Michael,

Thanks; I think that might be it.  I just tried logging onto their
service from a Windoze machine running Firefox and got this:  "SSL
received a weak ephemeral Diffie-Hellman key in Server Key Exchange
handshake message."  I'm guessing that's the issue, although Pidgin will
run and connect fine from that same system.

Does that sound like the potential issue to you?

Best,

Jim

On 07/14/2015 02:56 PM, Michael McConville wrote:
> On Tue, Jul 14, 2015 at 02:24:19PM -0400, J Kephart wrote:
>> We're suddenly experiencing handshake failures when connecting via
>> XMPP to our VoIP provider's service on uc.8x8.com--but only on
>> Linux-based systems, such as Ubuntu. I've posted a typical debug log
>> below:
>>
>> (13:42:21) *jabber:* Recv (358): <?xml version="1.0" encoding="UTF-8"?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" from="uc.8x8.com" version="1.0" id="a13f3b0825cc44998ed98b0398b38893"><stream:features xmlns:stream="http://etherx.jabber.org/streams"><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required></required></starttls></stream:features>
>> (13:42:21) *jabber:* Sending (xxx at uc.8x8.com): <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
>> (13:42:21) *jabber:* Recv (59): <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"></proceed>
>> (13:42:21) *nss:* Handshake failed  (-12156)
>> (13:42:21) *connection:* Connection error on 0x7f0ffa07a170 (reason: 5 description: SSL Handshake Failed)
> It's the TLS handshake failing. Has either the client or server software
> been changed or updated recently? If not, my guess is that the server's
> certificate expired.
> .
>



More information about the Support mailing list