This message error is: Alert: www.saci.racsa.co.cr has recived an incorrect or inexpected message. Error Code: -12227. I don't know what It means!. I try to access a secure site (https), but this problem appear only when I input this URL: https://www.saci.racsa.co.cr . This problem appear only in Mozilla Version 1.1.0 (Build 2002082604), in the prior version (1.0)this problem does not exist. Thanks!. __________________________________ Have a nice day!.

I got an alert that the page is using low-grade encryption. WFM Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826

... and I get no error at all. Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826

I'm seeing this as well, but only with 1.2a... Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2a) Gecko/20020910 This page works for me with 1.1 and 1.0.1 (displays low-grade encryption warning).

I just checked the latest Win32 and Linux builds, and this bug is still here. (2002-09-16-08-trunk) With >= 1.2a, it seems that connecting to export-grade SSL sites is broken. When attempting to connect to https://bcoba-server.bigpond.net.au:8443/ , a dialog box pops up with the following: "bcoba-server.bigpond.net.au has received an incorrect or unexpected message. Error Code: -12226" I would change the OS, Component, and Summary, but bugzilla won't let me. :)

*** Bug 169274 has been marked as a duplicate of this bug. ***

Confirming based on duplicate reports. OS->All Severity->Major Tweaking summary based on comment #4 Component->Networking

1) Let us say I have host1, host2. 2) I opened two browser(Netscape 7.0/Mozilla 0.9.9 - Redhat Linux 7.3) "navigator windows", say window1, window2. 3) I am able to access https://host1 using "navigator window1". 4) Without closing window1, I try to access https://host2 using "navigator window2". Then I get the following message: xxx has recived an incorrect or inexpected message. Error Code: -12227 I do not see this problem in (Windows 2000 - IE). I am using Apache 1.3, Open SSL in host1, host2. It is the same httpd, same configuration in host1 and host2.

This bug is still present (I just tested 2002-10-20-04-trunk and Phoenix 0.3). I'm adding kaie to the CC list.

-> PSM I confirm with 1.2a and 1.2b. Version 1.1b works. Again, this looks like a TLS intolerant site, that no longer works, since we changed the list of error codes that result in TLS intolerance assumption. Nelson, is it reasonable to always retry assuming TLS intolerance on SSL_ERROR_HANDSHAKE_FAILURE_ALERT?

The test URL is nelsonb's Flavor B TLS intolerant server, using low grade encryption, and I get the error message and cannot reach the site. https://www.e-girot.net/ewh/visafaktura is also nelsonb's Flavor B TLS intolerant server, using low grade encryption, and I can reach the site.

*** Bug 175287 has been marked as a duplicate of this bug. ***

In answer to the question in comment 9 Yes, SSL_ERROR_HANDSHAKE_FAILURE_ALERT can imply TLS intolerance. So can SSL_ERROR_ILLEGAL_PARAMETER_ALERT SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BAD_SERVER SSL_ERROR_BAD_BLOCK_PADDING SSL_ERROR_UNSUPPORTED_VERSION SSL_ERROR_PROTOCOL_VERSION_ALERT SSL_ERROR_RX_MALFORMED_FINISHED SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE SSL_ERROR_RX_UNKNOWN_ALERT

This patch adds all the codes that Nelson suggests to the list of codes that will be assumed as possible TLS intolerance when occuring before the first content byte was exchanged.

Javi, can you please review?

Comment on attachment 103643 [details] [diff] [review] Patch v1 r=javi

Comment on attachment 103643 [details] [diff] [review] Patch v1 sr=jag

Comment on attachment 103643 [details] [diff] [review] Patch v1 a=blizzard on behalf of drivers for 1.2 final. Try to get this in before the tree closure on the morning of Nov 5th, 2002 or you're going to have to wait until after we finish making the branch.

Checked in before the tree closed.

fixed

Verified.