Issue / Account login: SSL handshake failed

When trying to log in into your DragonBox account, you might see the following error:  SSL handshake failedThis is more often a problem on Android.



This problem can be caused by various issues.

1. Incorrect time&date


A simple cause could be that your device has an incorrect date & time configuration. Check its configuration before going further.


2. Outdated list of SSL Certificates


Another common issue is:
your device has an outdated list of SSL certificates causing the program and our authentication server to be unable to talk to each other.

Explanation


If you are interested by the technical aspects, here's a bit of detail. Feel free to skip this section if you only want to fix it :)

You probably know that for secure connections the web uses https connections. These connections use a technology called SSL. This technology allows 2 programs to exchange data securely over the Internet without anyone in the middle reading it. It is especially used when transmitting credentials (login/passwords) like in our current case.

For the data exchange to work, it starts with a handshake where the server (the program sending the data) starts by showing its identity and the receiving one checks the server's identity. For this to work, the identity was signed (using some kind of stamp, which we call certificates) beforehand by a higher authority, known to everyone.

Now these certificates get updated once in a while. Sometimes a computer has an outdated list of certificates. This causes it to be unable to validate the identity of the program sending the data as it doesn't recognize the certificate. It fails the SSL handshake and thus fails to initiate the data exchange.

How to fix this.


Assuming you have an Android, we can validate this assumption by checking whether or not the system contains the proper certificates.


In your system Settings, under section Security / Trusted Credentials there should be 2 lists of trusted certificates, a System one and a User one.

Under the System list you should find several Comodo or COMODO certificates, in particular one that has the full name COMO RSA Certification Authority.



If this certificate is missing you can install it by going to the following Comodo support URL download the attachment file named "comodorsaaddtrustca.crt" listed at the bottom of the page. Install it on your device by clicking on it. Depending on the device and/or system version, a few dialogs might show up to perform the installation:


You can double check that the certificates have been added to the User section of the Trusted Credentials and its signature and/or serial number matches information displayed on the Comodo site:



Now you should be able to communicate securely with our servers.

What to do if the certificate file cannot be read: 


Sometimes the device cannot read and install the certificate file:


In this case, you will have to install it by hand. Go to Settings / Security and select install from storage (or install from USB, USB Storage, or SD Card). Then locate the certificate you just downloaded, and install it.

As always, if you still have problems, please feel free to contact us! :) 

Feedback and Knowledge Base