Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Question:

Question: Safari can’t establish a secure connection to the server

In Safari 4 and now Safari 5 in windows I get this message when trying to access our web site.

---------------------------------------
Safari can’t open the page.

Safari can’t open the page “ https://central.acadiau.ca/home” because Safari can’t establish a secure connection to the server “central.acadiau.ca”.
---------------------------------------

The crazy part about this issue, Safari Mac 4 and 5 works. Firefox mac, win, linux works. Chrome mac, win works. All except for Safari 4 and 5.

What is the issue here? Why does it work on everything else but Safari windows??


Tired it as a fresh install on a windows xp machine that has never has safari installed and it does the same thing.

Anyone have any ideas why this would not be working?

Windows XP Pro

Posted on

Reply
Question marked as Helpful

Jun 21, 2010 12:36 PM in response to RichardWest In response to RichardWest

RichardWest wrote:
How did you disable TLSv1 in Safari to test that out?


I couldn't - it may be possible, but I don't know how. What I could do is drop disabling TLSv1 on the backend, which at least in one specific case made everything to work (waiting for feedback in the other, may take a day more).

You may want to see if you can have the admins check your site's SSL settings.

Just by looking at the protocol conversation, it looks like Safari is the culprit, as it's closing the connection after a normal looking handshake without warning.

There’s more to the conversation

Read all replies

Page content loaded

Jun 16, 2010 11:13 AM in response to RichardWest In response to RichardWest

Confirmed that I can not access your site through Safari 5 windows or Safari mobile but I can access it on Mac Safari 4 and 5. We are experiencing the same issue for our secure sites since the release of Safari 5.

Is your certificate installed directly on the server or is there something in between (reverse proxy, etc)?

Jun 16, 2010 11:13 AM

Reply Helpful

Jun 21, 2010 11:20 AM in response to RichardWest In response to RichardWest

Thanks for that link! It let me track down a similar problem. It looks like it's only occurring with Safari 4/5 and Vista/Win7. The certificates seem to be in order, and trusted by the Windows cert store.

In our case, it looks like the problem is either the SSL protocol level, or the cipher selection used by Safari - it tries to open a connection with TLSv1 (which is SSLv3.1), and then doesn't like (without explanation) that the server answers in SSLv3, but with ciphers that otherwise could work in TLSv1 too.

It also seems that your server flat out refuses to communicate with TLSv1, and in my case the factors to bump into the same error were:

* the server only allowed sslv3 connections
* the server only allowed HIGH+MEDIUM ciphers

Changing either of those made Safari work for me. In particular enabling TLSv1 is a good idea. I can't tell what Safari thinks when it fails making the connection, frankly the error message is not that descriptive - it may be a Safari issue after all. Now how to report it...

Jun 21, 2010 11:20 AM

Reply Helpful
Question marked as Helpful

Jun 21, 2010 12:36 PM in response to RichardWest In response to RichardWest

RichardWest wrote:
How did you disable TLSv1 in Safari to test that out?


I couldn't - it may be possible, but I don't know how. What I could do is drop disabling TLSv1 on the backend, which at least in one specific case made everything to work (waiting for feedback in the other, may take a day more).

You may want to see if you can have the admins check your site's SSL settings.

Just by looking at the protocol conversation, it looks like Safari is the culprit, as it's closing the connection after a normal looking handshake without warning.

Jun 21, 2010 12:36 PM

Reply Helpful (1)

Jul 29, 2010 6:01 AM in response to chexum In response to chexum

After some what giving up on this issue I was then notified that the iPad was doing the same thing. After crawling through log files I found an error code than led me to an article that talked more about my specific issue. The issue had to do with the webserver only supports SSL V2.0 and SSLV3.0 not TLSv1 and after fixing the issue on our server it worked.

Jul 29, 2010 6:01 AM

Reply Helpful
User profile for user: RichardWest

Question: Safari can’t establish a secure connection to the server