Can't Access DW on iPad

calan

Silver Member
Opened Safari to see what it has to say. Managed to get this:
 

Attachments

  • Screen Shot 2021-10-22 at 10.46.20 PM.png
    Screen Shot 2021-10-22 at 10.46.20 PM.png
    57.5 KB · Views: 5

Supergrobi

Technical Supervisor
Great, thanks a lot for the screenshot. I'm in contact with the support again. All tests we ran didn't show any problems with the certificate. Help desk found that there's some older Safari versions which aren't supported anymore:
Code:
Safari 6 / iOS 6.0.1    Server sent fatal alert: handshake_failure
Safari 7 / iOS 7.1  R    Server sent fatal alert: handshake_failure
Safari 7 / OS X 10.9  R    Server sent fatal alert: handshake_failure
Safari 8 / iOS 8.4  R    Server sent fatal alert: handshake_failure
Safari 8 / OS X 10.10  R    Server sent fatal alert: handshake_failure
Safari 9 / iOS 9  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 9 / OS X 10.11  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 10 / iOS 10  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 10 / OS X 10.12  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 12.1.2 / MacOS 10.14.6 Beta  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 12.1.1 / iOS 12.3.1  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Apple ATS 9 / iOS 9  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
So Safari <= 8 rejects the handshake. Which versions are you running? @calan @MusiQmaN
 

calan

Silver Member
It is likely an older version of Safari. It's a relatively ancient Mac pro that can't upgrade past El Capitan. I'll give it a closer look when I can get to it.
 

Supergrobi

Technical Supervisor
Please also try to access https://letsencrypt.org from the Safari showing the issue and see if it works/fails. The certificate on your computer is outdated, this one isn't installed on our machine, drummerworld.com is confirmed running the latest version. I assume you already did all updates available for OS and browser.
 

MusiQmaN

Platinum Member
Great, thanks a lot for the screenshot. I'm in contact with the support again. All tests we ran didn't show any problems with the certificate. Help desk found that there's some older Safari versions which aren't supported anymore:
Code:
Safari 6 / iOS 6.0.1    Server sent fatal alert: handshake_failure
Safari 7 / iOS 7.1  R    Server sent fatal alert: handshake_failure
Safari 7 / OS X 10.9  R    Server sent fatal alert: handshake_failure
Safari 8 / iOS 8.4  R    Server sent fatal alert: handshake_failure
Safari 8 / OS X 10.10  R    Server sent fatal alert: handshake_failure
Safari 9 / iOS 9  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 9 / OS X 10.11  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 10 / iOS 10  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 10 / OS X 10.12  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 12.1.2 / MacOS 10.14.6 Beta  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 12.1.1 / iOS 12.3.1  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Apple ATS 9 / iOS 9  R    RSA 2048 (SHA256)      TLS 1.2    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
So Safari <= 8 rejects the handshake. Which versions are you running? @calan @MusiQmaN
I use only Chrome, but got the same error with Safari.
I run version 94 of Chrome, and 11.1.2 of Safari.

OS is 10.11.6.
 

Supergrobi

Technical Supervisor
OS is 10.11.6.
Reading through this:


...it seems like your 10.11 isn't updating certs properly (see Bryan Starrs reply). So to me it seems that you're both running old Apple hardware missing proper support. There's some more solutions to try like deleting all expired certs in Keychain app and rebooting the machine you could try. I've also read about some automatic keychain repairs inside the application but I'm no Apple guy so I don't have a clue.
 

MusiQmaN

Platinum Member
Reading through this:


...it seems like your 10.11 isn't updating certs properly (see Bryan Starrs reply). So to me it seems that you're both running old Apple hardware missing proper support. There's some more solutions to try like deleting all expired certs in Keychain app and rebooting the machine you could try. I've also read about some automatic keychain repairs inside the application but I'm no Apple guy so I don't have a clue.
Its an older iMac indeed (I never turn away a free gift).

I was just suprised that this is the only website of the hundreds I visit each day, that gives this error.

Let me check out the Keychain.
 

someguy01

Well-known member
Throw the apples in the compost bin where they belong and use, well, anything else. Problem: solved.
 
Top