This may not be valid but the URL you posted isn't correct. It should read https://server/data/file.kdbx. Assuming this isn't the problem are you able to read the file via Windows Explorer or Internet Explorer? It's also worth trying non-https, http://server/data/file.kdbx
cheers, Paul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
thanks for your feedback. Actually the URL should be fine. I'm using it also in order to synchronize my password store with the Keepass2Android application - which works just fine.
It definitely is a HTTPS connection so HTTP is not working. Also removing the port-number does not change anything.
Cheers,
Nick
Last edit: Hbroll 2014-07-17
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
When I paste the URL into the Explorer it opens Firefox. After entering username/password I can download the file. The new beta of WinSCP (5.6) is also working fine with WebDAV.
I was thinking that maybe KeePass is having problems with the Proxy server that is used (it's a corporate network; configured via PAC-file). The configuration is set to "Use system proxy settings". Manually configuring the respective Proxy-settings in KeePass does also fail.
Best regards,
Nick
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Got the same problem here.. Tried to debug, but it doesn't show anything useful. Did a little research on the problem and it seems to be related to SSLv3 and weak encryption support. After some DSM update it's support was disabled by Synology. I can succsessfully mount this webdav-drive in windows, or access it with any browser, but keepass just returns this error (described by topic starter).
Here is a bit of log from http server on NAS:
The first two lines appeared after i tried to connect with Keepass URL
Then TLSv1 lines are the result of copying the same file using mounted net drive in windows explorer of the same PC.
Which protocol and cipher does keepass use to access webdav shares?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Yes, I'm using v.2.29. It's not related to proxy. My PC and Synology box are in one subnet and i'm using direct connection for testing. I have enabled all possible logs in httpd configs, but the only stuff I get is some empty lines in ssl logs (posted in comment above) and it looks like the server and the client (keepass) can't negotiate their encryption capabilities.
Server is Apache 2.2.29. Here is the part of httpd webdav configuration related to SSL:
<IfDefineSSL>
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf-webdav
</IfDefine>
As I said, other webdav clients work without any issues and return something like this: [15/Apr/2015:10:07:58] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee/folder.gif HTTP/1.1" 217
By the way, does keepass decides which protocol to use or is it some default .NET setting, depending on installed version? Got .NET 3.5.1 on my PC.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
So, finally got it working on Windows 10 PC with .NET Framework 4.6. I'll try to install it on my other machine..
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-04-20
If i use a Cipher Suite with PFS on my lighttpd Server, i get also Errormessages in KeePass 2.29. If i use less strong Cipher Suite, i could connect. Could you solve the Problem with Installation of a newer .NET Framework or do you have changed something in your Cipher Suite?
BTW: Which Cipher Suite are supported in KeePass?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
KeePass doesn't support cipher suites, it just uses the .NET transport services. It does check SSL certificates and has an option to accept invalid certificates.
cheers, Paul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-05-02
Many Thx, Paul. Do you know which Cipher Suites are supported by .NET?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi everyone,
whenever I'm trying to open my password store via WEBDAV (https://server:443/data/file.kdbx) I get the following error (KeePass v2.27):
"The underlying connection was closed: An unexpected error occurred on a send.
Received an unexpected EOD or 0 bytes from the transport stream."
Since it has been working in the past I'm not sure what's causing this error. I'm using a Synology NAS (DSM 5.0-4493 Update 2).
Is there any way I can get additional details / logging from the program?
Many thanks!
Nick
This may not be valid but the URL you posted isn't correct. It should read https://server/data/file.kdbx. Assuming this isn't the problem are you able to read the file via Windows Explorer or Internet Explorer? It's also worth trying non-https, http://server/data/file.kdbx
cheers, Paul
Hi Paul,
thanks for your feedback. Actually the URL should be fine. I'm using it also in order to synchronize my password store with the Keepass2Android application - which works just fine.
It definitely is a HTTPS connection so HTTP is not working. Also removing the port-number does not change anything.
Cheers,
Nick
Last edit: Hbroll 2014-07-17
Can you open the URL from Windows Explorer on the PC where KeePass fails?
cheers, Paul
Hi Paul,
When I paste the URL into the Explorer it opens Firefox. After entering username/password I can download the file. The new beta of WinSCP (5.6) is also working fine with WebDAV.
I was thinking that maybe KeePass is having problems with the Proxy server that is used (it's a corporate network; configured via PAC-file). The configuration is set to "Use system proxy settings". Manually configuring the respective Proxy-settings in KeePass does also fail.
Best regards,
Nick
Without server / firewall logs it's hard to determine, but corporate firewalls are notoriously tricky to configure with non-standard apps.
cheers, Paul
Got the same problem here.. Tried to debug, but it doesn't show anything useful. Did a little research on the problem and it seems to be related to SSLv3 and weak encryption support. After some DSM update it's support was disabled by Synology. I can succsessfully mount this webdav-drive in windows, or access it with any browser, but keepass just returns this error (described by topic starter).
Here is a bit of log from http server on NAS:
[15/Apr/2015:10:06:48] 10.10.243.254 - - "-" -
[15/Apr/2015:10:06:59] 10.10.243.254 - - "-" -
[15/Apr/2015:10:07:57] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee/desktop.ini HTTP/1.1" 218
[15/Apr/2015:10:07:57] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee HTTP/1.1" 1568
[15/Apr/2015:10:07:57] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee/folder.jpg HTTP/1.1" 217
[15/Apr/2015:10:07:58] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee/folder.gif HTTP/1.1" 217
[15/Apr/2015:10:07:58] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee HTTP/1.1" 1568
[15/Apr/2015:10:07:58] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee/Thumbs.db HTTP/1.1" 216
[15/Apr/2015:10:07:59] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "UNLOCK /misc/Thumbs.db HTTP/1.1" -
[15/Apr/2015:10:08:28] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND / HTTP/1.1" 7595
[15/Apr/2015:10:08:28] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "GET /home/kee/kee.kdbx HTTP/1.1" -
The first two lines appeared after i tried to connect with Keepass URL
Then TLSv1 lines are the result of copying the same file using mounted net drive in windows explorer of the same PC.
Which protocol and cipher does keepass use to access webdav shares?
There are lots of information when you google "Received an unexpected EOF or 0 bytes from the transport stream" regarding SSL and .NET
Have you tried V2.29? It has improved proxy behaviour.
KeePass uses NET for HTTP access so it may be a NET problem rather than KeePass.
More detail / logs are always useful in testing.
cheers, Paul
Yes, I'm using v.2.29. It's not related to proxy. My PC and Synology box are in one subnet and i'm using direct connection for testing. I have enabled all possible logs in httpd configs, but the only stuff I get is some empty lines in ssl logs (posted in comment above) and it looks like the server and the client (keepass) can't negotiate their encryption capabilities.
Server is Apache 2.2.29. Here is the part of httpd webdav configuration related to SSL:
DS> cat httpd-ssl.conf-webdav
DS> cat httpd-ssl.conf-common
DS> cat httpd-ssl.conf-cipher
I tried to enable all protocols and ciphers in config above, but it didn't help. Maybe I did it wrong or missed something.
This log returns empty protocol an cipher fields for keepass connection:
CustomLog /var/log/httpd/webdav-debug-ssl "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"As I said, other webdav clients work without any issues and return something like this:
[15/Apr/2015:10:07:58] 10.10.243.254 TLSv1 ECDHE-RSA-AES128-SHA "PROPFIND /home/kee/folder.gif HTTP/1.1" 217
By the way, does keepass decides which protocol to use or is it some default .NET setting, depending on installed version? Got .NET 3.5.1 on my PC.
So, finally got it working on Windows 10 PC with .NET Framework 4.6. I'll try to install it on my other machine..
If i use a Cipher Suite with PFS on my lighttpd Server, i get also Errormessages in KeePass 2.29. If i use less strong Cipher Suite, i could connect. Could you solve the Problem with Installation of a newer .NET Framework or do you have changed something in your Cipher Suite?
BTW: Which Cipher Suite are supported in KeePass?
KeePass doesn't support cipher suites, it just uses the .NET transport services. It does check SSL certificates and has an option to accept invalid certificates.
cheers, Paul
Many Thx, Paul. Do you know which Cipher Suites are supported by .NET?
Nope.
cheers, Paul