"SSL handshake failed" error with client TLS certificate

📱 Desktop & mobile clients 💻 Desktop
1

I’m trying to configure the Windows desktop client to work with a server that has some pretty specific security settings. I keep getting the above error when trying to connect.

I can log in fine from a web browser.

The server requires user-specific TLS certificates and uses a non-standard root CA. I’ve bundled all 3 files into a pkcs12 file.

I get the prompt at startup to configure client-side TLS certificates, browse for the .p12 bundle, enter the password, and receive the error. I’ve tried restarting the app, rebooting, and clearing any folders in AppData.

The server also uses a SSO CAS login flow, but I would assume that’s unrelated to the TLS issue.

My machine is also behind a proxy, but the client seems to pick up those settings fine.

My client is the latest version: 3.9.0

The relevant section of the log appears as follows (identifying information removed):

2023-06-21 10:50:56:408 [ info nextcloud.gui.wizard C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\gui\owncloudsetupwizard.cpp:201 ]: Setting QNAM proxy to be system proxy "HttpProxy://<Proxy Server Address>"
2023-06-21 10:50:56:411 [ info nextcloud.sync.accessmanager C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\accessmanager.cpp:78 ]:    2 "" "https://<Nextcloud Server Address>/status.php" has X-Request-ID "45f4ba81-4c80-4434-a2ab-8044ff618e2c"
2023-06-21 10:50:56:412 [ info nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:358 ]: OCC::CheckServerJob created for "https://<Nextcloud Server Address>" + "status.php" "OCC::OwncloudSetupWizard"
2023-06-21 10:50:56:884 [ warning nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:182 ]:      SslHandshakeFailedError:  "SSL handshake failed"  : can be caused by a webserver wanting SSL client certificates
2023-06-21 10:50:56:884 [ warning nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:221 ]:      QNetworkReply::SslHandshakeFailedError "SSL handshake failed" QVariant(Invalid)
2023-06-21 10:50:56:884 [ warning nextcloud.sync.networkjob.checkserver C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\networkjobs.cpp:534 ]: error: status.php replied  0 ""
2023-06-21 10:50:56:884 [ info nextcloud.sync.accessmanager C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\accessmanager.cpp:78 ]:    2 "" "https://<Nextcloud Server Address>" has X-Request-ID "f26f46c3-5740-4f0d-8727-22bf5e8708b6"
2023-06-21 10:50:56:884 [ info nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:358 ]: OCC::SimpleNetworkJob created for "https://<Nextcloud Server Address>" + "" ""
2023-06-21 10:50:57:334 [ warning nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:182 ]:      SslHandshakeFailedError:  "SSL handshake failed"  : can be caused by a webserver wanting SSL client certificates
2023-06-21 10:50:57:334 [ warning nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:221 ]:      QNetworkReply::SslHandshakeFailedError "SSL handshake failed" QVariant(Invalid)
2023-06-21 10:50:57:334 [ info nextcloud.sync.accessmanager C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\accessmanager.cpp:78 ]:    2 "" "https://<Nextcloud Server Address>/status.php" has X-Request-ID "8e4d3f5d-3561-420e-b0ad-150e42a3553e"
2023-06-21 10:50:57:334 [ info nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:358 ]: OCC::CheckServerJob created for "https://<Nextcloud Server Address>" + "status.php" "OCC::OwncloudSetupWizard"
2023-06-21 10:50:57:784 [ warning nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:182 ]:      SslHandshakeFailedError:  "SSL handshake failed"  : can be caused by a webserver wanting SSL client certificates
2023-06-21 10:50:57:784 [ warning nextcloud.sync.networkjob C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\abstractnetworkjob.cpp:221 ]:      QNetworkReply::SslHandshakeFailedError "SSL handshake failed" QVariant(Invalid)
2023-06-21 10:50:57:784 [ warning nextcloud.sync.networkjob.checkserver C:\Users\sysadmin\AppData\Local\Temp\2\windows-16015\client-building\desktop\src\libsync\networkjobs.cpp:534 ]: error: status.php replied  0 ""