Have an idea?

Visit Sawtooth Software Feedback to share your ideas on how we can improve our products.

SSI Web - Error uploading, Could not create SSL/TLS secure channel

Uploading survey crashes after clicking "Upload to Server". I get a popup with message:  
Unable to access the study
SSI Web tried the following urls:
https://mysite_name.../test409
  The request was aborted: Could not create SSL/TLS secure channel

https://mysite_name.../
  The request was aborted: Could not create SSL/TLS secure channel

Please check your web root and remote study path settings.

I am connecting with SFTP. The website is running HTTPS (LetsEncrypt certificate). I am able to upload to my old server with the same client. So the difference of the old server and this new server is:
Old: Centos6,Perl 5.10.1, Apache2.2.15, MariaDB 5.5, LetsEncrypt HTTPS,
New: Centos7, Perl 5.16.3Apache2.4.6, MariaDB 5.5, LetsEncrypt HTTPS

I have run the test scripts that show that Perl is installed correctly.
 Running SSI Web 8.4.8. client.
Any idea where I could start troubleshooting?

Fror SSI Web report log:
Initializing...done
Logging in...successful
Reading home folder...done.
Feature checking...done.
Verifying /...done.
Uploading test html page...done.
Testing http access...failed.
Removing file /ssiwebtest8_4_8.html...done.
Running connection clean up...done.
asked Jan 19 by asle (120 points)

1 Answer

0 votes
Version 8 is considered legacy software now and isn't actively developed or supported anymore (I believe it was originally released maybe around 2012?).  

Many newer operating systems are discontinuing support for (or default to not allowing) the older TLS protocols as they are no longer considered secure.  My guess is this is the cause as SSI Web v8 uses I think TLS 1.0 or 1.1.  Perhaps Centos 7 will allow you to enable that protocol again?
answered Jan 20 by Brian McEwan Platinum Sawtooth Software, Inc. (50,525 points)
Thanks, I was suspecting that. I was able to enable TLSv1 and TLSv1.1 on the server (gives B score in SSLlabs because of that). I then got past the message of "...SSL/TLS secure channel..." but now I get another message: "Unable to acess the study admin module:
SSI Web tried the following urls:
https://mysserver_name/cgi-bin....
.. the external server returned an error (404) Could not find file. Please check your web root url and remote study path settings.

I know this is legacy software but trying to use this a little longer!

log:
Verifying /...done.
Uploading test html page...done.
Testing http access...done.
Removing file /ssiwebtest8_4_8.html...done.
Reading /admin contents...done.
Checking checksum file...done.
Reading /cgi-bin contents...done.
Checking if test4_config.cgi exists on remote server...exists.
Checking to see if remote study name matches...matches.
Checking if test4_path.cgi already exists on remote server...exists.
Checking if authlib8_4_8.pl already exists on remote server...exists.
Checking if admin.pl already exists on remote server...exists.
No files to upload.
Configuring study settings...done.
Checking for access to admin module...failed.
Running connection clean up...done.
Forget the last error message. It seems to be working fine now! I was able to fix this by editing the conf file for LetsEncrypt.

I dissabled ssl.conf in /etc/httpd/conf.d/
In my vhost file LetsEncrypt automatically includes "options-ssl-apache.conf". In this file I changed 2 things. Changed the line with "SSLProtocol" to:
SSLProtocol             all -SSLv2 -SSLv3
and disabled the line starting with "SSLCipherSuite". I get "B" rating in SSLLabs but I can live with that.
...