SSL connection failure
Maxim Baglay
mbaglay92 at gmail.com
Wed Jun 14 02:09:15 PDT 2017
Hello,
it's 7.07 with cherry-picked 4ce9c9241f5707917e87e93a055f757cea5fb84d commit.
Running without --no-http-keepalive did not help. Adding --dump -vvvv
did not show anything more. The same output appears.
Thanks, Max.
2017-06-14 3:11 GMT+03:00 Daniel Lenski <dlenski at gmail.com>:
> On Tue, Jun 13, 2017 at 4:30 AM, Maxim Baglay <mbaglay92 at gmail.com> wrote:
>> Yesterday stared getting next error on attempt to use openconnect:
>>
>> WARNING: Juniper Network Connect support is experimental.
>> It will probably be superseded by Junos Pulse support.
>> Disabling all HTTP connection re-use due to --no-http-keepalive option.
>> If this helps, please report to <openconnect-devel at lists.infradead.org>.
>> Connected to ______:443
>> SSL negotiation with ________
>> SSL connection failure: A TLS packet with unexpected length was received.
>> Creating SSL connection failed
>>
>> Command used to connect:
>>
>> openconnect --no-cert-check --juniper "https://______/vip"
>> --cookie=$DSID --no-http-keepalive --reconnect-timeout 0
>>
>> Can you help me getting figuring this out and get it working?
>
> What version of openconnect are you running? (Also, why are you
> running with --no-http-keepalive? This option is intended to work
> around a bug that is only known to exist for *Cisco* servers, not
> Juniper.)
>
> You should also run with `--dump -vvvv` to turn on the most verbose
> logging level.
>
> -Dan
More information about the openconnect-devel
mailing list