<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Thanks Jorge, that helps confirm my suspicion. Are you running on linux? Based on this ticket (<a href="https://hub.qgis.org/issues/11473" class="">https://hub.qgis.org/issues/11473</a>), it sounds like the supported protocols may be dependent on the version of Qt that QGIS is using. Do you happen to know which version you’re using?<div class=""><br class=""></div><div class="">—john</div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Jan 5, 2017, at 4:30 PM, Jorge Gustavo Rocha <<a href="mailto:jgr@di.uminho.pt" class="">jgr@di.uminho.pt</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">Hi John,<br class=""><br class="">I've captured QGIS packets to/from the WMS service, after clicking "Connect" on QGIS (to get the capabilities document).<br class=""><br class="">The print screen is available at [1].<br class=""><br class="">Wireshark reports the protocol as TLSv1.2.<br class=""><br class="">Regards,<br class=""><br class="">Jorge<br class=""><br class="">[1] <a href="http://webgis.di.uminho.pt/~jgr/qgis-connect-https-wms-service.png" class="">http://webgis.di.uminho.pt/~jgr/qgis-connect-https-wms-service.png</a><br class=""><br class=""><br class="">Às 18:23 de 05-01-2017, John Cartwright escreveu:<br class=""><blockquote type="cite" class="">Thanks. I used wireshark to trace the session and it appears that QGIS<br class="">is attempting to make the connection with TLSv1 which I think is at<br class="">least part of the problem.<br class=""><br class="">Can either of you tell me what protocol and cipher suites you’re using?<br class=""> what OS you’re running on? Is there anyway to force QGIS to use a<br class="">different protocol?<br class=""><br class="">Thanks!<br class=""><br class="">—john<br class=""><br class=""><blockquote type="cite" class="">On Jan 4, 2017, at 1:59 AM, Pasquale Di Donato<br class=""><<a href="mailto:pasquale.didonato@gmail.com" class="">pasquale.didonato@gmail.com</a> <<a href="mailto:pasquale.didonato@gmail.com" class="">mailto:pasquale.didonato@gmail.com</a>>> wrote:<br class=""><br class="">Hi John,<br class=""><br class="">I can access your service too. Using QGIS 2.14.8.<br class="">Maybe you have an issue with a proxy?<br class=""><br class="">Pasquale<br class=""><br class="">On Wed, Jan 4, 2017 at 12:57 AM, Jorge Gustavo Rocha <<a href="mailto:jgr@di.uminho.pt" class="">jgr@di.uminho.pt</a><br class=""><<a href="mailto:jgr@di.uminho.pt" class="">mailto:jgr@di.uminho.pt</a>>> wrote:<br class=""><br class=""> Hi John,<br class=""><br class=""> I've added your WMS service and it works without any problem. I've<br class=""> just added the url and the connect works. The capabilities are<br class=""> displayed.<br class=""><br class=""> You can check the print screen [1] with your https WMS layer.<br class=""><br class=""> I'm using QGIS 2.18.2 on Ubuntu. Which OS are you using?<br class=""><br class=""> Regards,<br class=""><br class=""> Jorge Gustavo<br class=""><br class=""> [1] <a href="http://webgis.di.uminho.pt/~jgr/wms%20with%20https.png" class="">http://webgis.di.uminho.pt/~jgr/wms%20with%20https.png</a><br class=""> <<a href="http://webgis.di.uminho.pt/~jgr/wms%20with%20https.png" class="">http://webgis.di.uminho.pt/~jgr/wms%20with%20https.png</a>><br class=""><br class=""><br class=""> Às 17:42 de 03-01-2017 <tel:03-01-2017>, John Cartwright escreveu:<br class=""><br class=""> Thanks for your reply Luigi! To be clear, the WMS service<br class=""> that I’m<br class=""> trying to connect to does not require a username/password but<br class=""> is only<br class=""> available via https. The server (<a href="https://maps.ngdc.noaa.gov" class="">https://maps.ngdc.noaa.gov</a><br class=""> <<a href="https://maps.ngdc.noaa.gov/" class="">https://maps.ngdc.noaa.gov/</a>>) has a<br class=""> valid CA certificate. I tried adding a SSL Server Configuration<br class=""> (preferences -> authentication -> Manage Certificates -><br class=""> Server) and<br class=""> while the entry appears to be valid, I still get the SSL<br class=""> Handshake error<br class=""> when trying add a WMS layer.<br class=""><br class=""> Any further ideas? Here’s the actual URL I’m trying to add:<br class=""><br class=""> <a href="https://maps.ngdc.noaa.gov/arcgis/services/gebco08_hillshade/MapServer/WMSServer?request=GetCapabilities&service=WMS" class="">https://maps.ngdc.noaa.gov/arcgis/services/gebco08_hillshade/MapServer/WMSServer?request=GetCapabilities&service=WMS</a><br class=""> <<a href="https://maps.ngdc.noaa.gov/arcgis/services/gebco08_hillshade/MapServer/WMSServer?request=GetCapabilities&service=WMS" class="">https://maps.ngdc.noaa.gov/arcgis/services/gebco08_hillshade/MapServer/WMSServer?request=GetCapabilities&service=WMS</a>><br class=""><br class=""> Thanks again for your help!<br class=""><br class=""> —john<br class=""><br class=""><br class=""> On Jan 2, 2017, at 1:52 AM, Luigi Pirelli<br class=""> <<a href="mailto:luipir@gmail.com" class="">luipir@gmail.com</a> <<a href="mailto:luipir@gmail.com" class="">mailto:luipir@gmail.com</a>><br class=""> <<a href="mailto:luipir@gmail.com" class="">mailto:luipir@gmail.com</a> <<a href="mailto:luipir@gmail.com" class="">mailto:luipir@gmail.com</a>>>> wrote:<br class=""><br class=""> Hi John<br class=""><br class=""> SSL is managed storing credentials using the QGIS<br class=""> Authentication<br class=""> Manager that store credentials in the same way as Firefox,<br class=""> in a master<br class=""> pwd crypted store in your $home/.qgis2/qgis-auth.db.<br class=""> You should managed credentials using<br class=""> Settings->options->authentication.<br class=""><br class=""> QGIS uses OpenSSL => and specifically can import different<br class=""> king of<br class=""> credential method (using plugins => can be expanded). De<br class=""> default auth<br class=""> method installed are listed in the documentation:<br class=""> <a href="https://docs.qgis.org/2.14/en/docs/user_manual/auth_system/auth_overview.html" class="">https://docs.qgis.org/2.14/en/docs/user_manual/auth_system/auth_overview.html</a><br class=""> <<a href="https://docs.qgis.org/2.14/en/docs/user_manual/auth_system/auth_overview.html" class="">https://docs.qgis.org/2.14/en/docs/user_manual/auth_system/auth_overview.html</a>><br class=""><br class=""> what is you auth method? can you explain the workflow you<br class=""> followed to<br class=""> store and use your credentials?<br class=""><br class=""> regards<br class=""> Luigi Pirelli<br class=""><br class=""> **************************************************************************************************<br class=""> * Boundless QGIS Support/Development: lpirelli AT<br class=""> boundlessgeo DOT com<br class=""> * LinkedIn: <a href="https://www.linkedin.com/in/luigipirelli" class="">https://www.linkedin.com/in/luigipirelli</a><br class=""> <<a href="https://www.linkedin.com/in/luigipirelli" class="">https://www.linkedin.com/in/luigipirelli</a>><br class=""> * Stackexchange:<br class=""> <a href="http://gis.stackexchange.com/users/19667/luigi-pirelli" class="">http://gis.stackexchange.com/users/19667/luigi-pirelli</a><br class=""> <<a href="http://gis.stackexchange.com/users/19667/luigi-pirelli" class="">http://gis.stackexchange.com/users/19667/luigi-pirelli</a>><br class=""> * GitHub: <a href="https://github.com/luipir" class="">https://github.com/luipir</a><br class=""> * Mastering QGIS 2nd Edition:<br class=""> *<br class=""> <a href="https://www.packtpub.com/big-data-and-business-intelligence/mastering-qgis-second-edition" class="">https://www.packtpub.com/big-data-and-business-intelligence/mastering-qgis-second-edition</a><br class=""> <<a href="https://www.packtpub.com/big-data-and-business-intelligence/mastering-qgis-second-edition" class="">https://www.packtpub.com/big-data-and-business-intelligence/mastering-qgis-second-edition</a>><br class=""> **************************************************************************************************<br class=""><br class=""><br class=""> On 29 December 2016 at 22:38, John Cartwright<br class=""> <<a href="mailto:john.c.cartwright@comcast.net" class="">john.c.cartwright@comcast.net</a><br class=""> <<a href="mailto:john.c.cartwright@comcast.net" class="">mailto:john.c.cartwright@comcast.net</a>>> wrote:<br class=""><br class=""> Hello All,<br class=""><br class=""> I’m trying to use a WMS service over https and get the<br class=""> following<br class=""> error when trying to connect:<br class=""><br class=""> Failed to download capabilities:<br class=""> Download of capabilities failed: SSL handshake failed<br class=""><br class=""> The URL works fine in a browser though. I’m guessing<br class=""> that QGIS and<br class=""> the server are not able to agree on a cipher suite.<br class=""> Can anyone tell<br class=""> me what ciphers QGIS supports or any way to get more<br class=""> insight into the<br class=""> underlying problem?<br class=""><br class=""> QGIS is version 2.18.2.<br class=""><br class=""> Thanks!<br class=""><br class=""> —john<br class=""><br class=""> _______________________________________________<br class=""> Qgis-user mailing list<br class=""> <a href="mailto:Qgis-user@lists.osgeo.org" class="">Qgis-user@lists.osgeo.org</a><br class=""> <<a href="mailto:Qgis-user@lists.osgeo.org" class="">mailto:Qgis-user@lists.osgeo.org</a>><br class=""> List info:<br class=""> <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""> <<a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a>><br class=""> Unsubscribe:<br class=""> <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""> <<a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a>><br class=""><br class=""><br class=""><br class=""><br class=""> _______________________________________________<br class=""> Qgis-user mailing list<br class=""> <a href="mailto:Qgis-user@lists.osgeo.org" class="">Qgis-user@lists.osgeo.org</a> <<a href="mailto:Qgis-user@lists.osgeo.org" class="">mailto:Qgis-user@lists.osgeo.org</a>><br class=""> List info: <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""> <<a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a>><br class=""> Unsubscribe: <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""> <<a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a>><br class=""><br class=""><br class=""> J. Gustavo<br class=""> --<br class=""> Jorge Gustavo Rocha<br class=""> Departamento de Informática<br class=""> Universidade do Minho<br class=""> 4710-057 Braga<br class=""> Tel: +351 253604480 <tel:%2B351%20253604480><br class=""> Fax: +351 253604471 <tel:%2B351%20253604471><br class=""> Móvel: +351 910333888 <tel:%2B351%20910333888><br class=""> skype: nabocudnosor<br class=""><br class=""><br class=""> _______________________________________________<br class=""> Qgis-user mailing list<br class=""> <a href="mailto:Qgis-user@lists.osgeo.org" class="">Qgis-user@lists.osgeo.org</a> <<a href="mailto:Qgis-user@lists.osgeo.org" class="">mailto:Qgis-user@lists.osgeo.org</a>><br class=""> List info: <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""> <<a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a>><br class=""> Unsubscribe: <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""> <<a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a>><br class=""><br class=""><br class="">_______________________________________________<br class="">Qgis-user mailing list<br class=""><a href="mailto:Qgis-user@lists.osgeo.org" class="">Qgis-user@lists.osgeo.org</a> <<a href="mailto:Qgis-user@lists.osgeo.org" class="">mailto:Qgis-user@lists.osgeo.org</a>><br class="">List info: <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class="">Unsubscribe: <a href="http://lists.osgeo.org/mailman/listinfo/qgis-user" class="">http://lists.osgeo.org/mailman/listinfo/qgis-user</a><br class=""></blockquote><br class=""></blockquote><br class="">J. Gustavo<br class="">-- <br class="">Jorge Gustavo Rocha<br class="">Departamento de Informática<br class="">Universidade do Minho<br class="">4710-057 Braga<br class="">Tel: +351 253604480<br class="">Fax: +351 253604471<br class="">Móvel: +351 910333888<br class="">skype: nabocudnosor<br class=""></div></blockquote></div><br class=""></div></body></html>