clifffff
Level 1 (0 points)

Q: Server: CFNetwork SSLHandshake failed (-9806)

I've just updated my Mini server to Yosemite and update Server to version 4, however I now don't seem to be able to connect to it remotely via the Server app.  Initially the websites service wouldn't start, because Apache was complaining that my private key could not be decrypted without a passphrase (although there isn't one!), but I managed to solve that by reimporting the RapidSSL SHA-2 CA certs (including the intermediate cert with SHA-1 root).

 

Unfortunately reimporting the CA certs does not seem to have affected my ability to connect to the server remotely.  The server doesn't seem to be complaining in its logs any more, but client side I am seeing this:

17/10/2014 16:11:18.930 Server[53395]: CFNetwork SSLHandshake failed (-9806)

It appears every few seconds in my log while I am trying to connect.

 

Any ideas?  Many thanks in advance!

Mac mini, OS X Yosemite (10.10)

Posted on Oct 17, 2014 8:24 AM

Close
clifffff

Q: Server: CFNetwork SSLHandshake failed (-9806)

  • All replies
  • Helpful answers

  • by kirdes,

    kirdes kirdes Oct 21, 2014 7:51 AM in response to clifffff
    Level 1 (9 points)
    Servers Enterprise
    Oct 21, 2014 7:51 AM in response to clifffff

    Hi, you can delete the identity cert & cert preference:

     

    sudo security set-identity-preference -n -s com.apple.servermgrd /Library/Keychains/System.keychain

    sudo security delete-certificate -c com.apple.servermgrd /Library/Keychains/System.keychain

     

    After a Macos restart servermgrd should created a new (ssl signed) certificate.

     

    I have to do this since server version 4 after every upgrade :-(

  • by Daniel Luke,

    Daniel Luke Daniel Luke Oct 21, 2014 8:44 AM in response to kirdes
    Level 1 (5 points)
    Oct 21, 2014 8:44 AM in response to kirdes

    Thanks! I was having trouble getting this to work (since I didn't try restarting my server) - your reply here helped me out.

  • by Stacy_C,

    Stacy_C Stacy_C Oct 23, 2014 3:31 PM in response to kirdes
    Level 1 (0 points)
    Oct 23, 2014 3:31 PM in response to kirdes

    This solved it for me as well -- thank you very much.

     

    Stacy Conaway

    ACN

    CincoTec