Https Alert:UnrecognizedName Error

Question

Hi.
Sorry for asking the question again.

There is a self-signed certificate from the customer's WebDAV server.
In this case, a "SecureChannelFailure" error occurs and the Exception message is "Alert:UnrecognizedName (Level:Warning, Source:Remote)." is.

I have set it up to receive all certificates as shown below.
creator.Settings.SslAcceptAllCertificates = true;

What does this error mean and how should I deal with it?

Thank you.

Answer 1

Please create communication log and post it here or send it to support@rebex.net for analysis. How to create a log is described at https://www.rebex.net/kb/logging/

Comments

The log file has been sent to you by e-mail.

Our .Net version works fine.
But in Rebex Https (R5.6, R5.7) I get an error.

I also sent you a .Net version of Wireshark packet.

Looking at the packets, it is clear that the NAS device is doing something wrong, but the .Net version continues to do it well nonetheless.

Thank you.

---

Thank you for the log and Wireshark capture.
The Rebex log showed that the server really returned alert 0x70 (UnrecognizedName), which means: Sent by servers when no server exists identified by the name provided by the client via the “server_name” extension (see [RFC6066]).
It also showed, that you are trying to establish TLS 1.3.

The Wireshark capture showed that the system is trying to negotiate TLS 1.2.
The content of the “server_name” extension is same as in Rebex, which means the server is "lying" when sending UnrecognizedName alert in Rebex case.

It is probable that the server is handling TLS 1.3 ClientHello incorrectly. Please, try to disable TLS 1.3 by setting SslAllowedVersions like this:

creator.Settings.SslAllowedVersions = TlsVersion.TLS12;

---

Thanks for the detailed reply.