I get an SSL handshake failure while trying to reach platform.lifelog.sonymobile.com:443 with either Python (with the requests library) or openssl.

Here is the output I get from openssl:

ssl3:

$ >openssl s_client -connect platform.lifelog.sonymobile.com:443 -ssl3 -state 
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL3 alert read:fatal:handshake failure
SSL_connect:failed in SSLv3 read server hello A
3073824444:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1262:SSL alert number 40
3073824444:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
  Protocol  : SSLv3
  Cipher    : 0000
  Session-ID: 
  Session-ID-ctx: 
  Master-Key: 
  Key-Arg   : None
  PSK identity: None
  PSK identity hint: None
  SRP username: None
  Start Time: 1464110874
  Timeout   : 7200 (sec)
  Verify return code: 0 (ok)
---

tlsv1.1:

$>openssl s_client -connect platform.lifelog.sonymobile.com:443 -tls1_1
CONNECTED(00000003)
3074041532:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert    handshake failure:s3_pkt.c:1262:SSL alert number 40
3074041532:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
  Protocol  : TLSv1.1
  Cipher    : 0000
  Session-ID: 
  Session-ID-ctx: 
  Master-Key: 
  Key-Arg   : None
  PSK identity: None
  PSK identity hint: None
  SRP username: None
  Start Time: 1464110950
   Timeout   : 7200 (sec)
  Verify return code: 0 (ok)
---

tlsv1.2:

$>openssl s_client -connect platform.lifelog.sonymobile.com:443 -tls1_2
CONNECTED(00000003)
3074123452:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1262:SSL alert number 40
3074123452:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
   Protocol  : TLSv1.2
  Cipher    : 0000
  Session-ID: 
  Session-ID-ctx: 
  Master-Key: 
  Key-Arg   : None
  PSK identity: None
  PSK identity hint: None
  SRP username: None
  Start Time: 1464110938
  Timeout   : 7200 (sec)
  Verify return code: 0 (ok)
---

Do I need a client certificate or anything else? Thanks!

Kier GRAY
  • Sorry, I have not used openssl that much, but you will have to run the standard OAuth 2.0 process to start retrieving data. For instance, starting with this call: https://platform.lifelog.sonymobile.com/oauth/2/authorize?client_id=YOUR_CLIENT_ID&scope=lifelog.profile.read+lifelog.activities.read+lifelog.locations.read. Have you registered for a client ID and secret? You can read more about the process here: https://developer.sony.com/develop/services/lifelog-api/authentication/ – pg316 Jun 12 '16 at 16:09

1 Answer

I'm using google-oauth-java-client from https://github.com/google/google-oauth-java-client to get data regularly from the Lifelog API. No special care was needed for certificates. Before the Android client, I tested all my logic with ARC (a Chrome REST client) and also did some tests with curl once I got the Bearer, like this (you need to get your Authorization value following the Lifelog API docs):

curl 'https://platform.lifelog.sonymobile.com/v1/users/me/activities' \
  -H 'Pragma: no-cache' -H 'Accept-Encoding: gzip, deflate, sdch' \
  -H 'Accept-Language: es-419,es;q=0.8,en-US;q=0.6,en;q=0.4' \
  -H 'Authorization: Bearer AuyKFAzQar5xhgRHhHKlboApaRKH' \
  -H 'Accept: */*' -H 'Cache-Control: no-cache' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.99 Safari/537.36' \
  -H 'Cookie: BLABLA' -H 'Connection: keep-alive' --compressed
Awi
  • Thanks. In fact I did find my way out of this by installing `requests` with additional security packages (`pip install requests[security]`). By doing so, it worked like a charm (better handling of certificate issues). – Kier GRAY Aug 11 '16 at 21:00
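
An added example, not code from the question or the answers: all three `s_client` runs above report 7 bytes read and alert number 40, and this sketch decodes what that pair means. The function names `parse_alert_record` and `triage_s_client` and the sample record bytes are constructed for illustration; the output fragments are copied from the question.

```python
import re
import struct

# Subset of the IANA TLS alert registry, enough for handshake triage.
ALERT_DESCRIPTIONS = {
    10: "unexpected_message", 40: "handshake_failure", 42: "bad_certificate",
    48: "unknown_ca", 70: "protocol_version", 112: "unrecognized_name",
}
ALERT_LEVELS = {1: "warning", 2: "fatal"}


def parse_alert_record(record: bytes) -> dict:
    """Decode one plaintext TLS alert record: 5-byte header + 2-byte body."""
    if len(record) < 5:
        raise ValueError("truncated TLS record header")
    ctype, major, minor, length = struct.unpack("!BBBH", record[:5])
    if ctype != 21:  # 21 = alert content type
        raise ValueError(f"not an alert record (content type {ctype})")
    body = record[5:5 + length]
    if length != 2 or len(body) != 2:
        raise ValueError("plaintext alert body must be exactly 2 bytes")
    level, desc = body
    return {
        "record_version": (major, minor),
        "level": ALERT_LEVELS.get(level, f"unknown({level})"),
        "description": ALERT_DESCRIPTIONS.get(desc, f"unknown({desc})"),
    }


def triage_s_client(output: str) -> dict:
    """Extract the alert number and byte count from `openssl s_client` output."""
    alert = re.search(r"SSL alert number (\d+)", output)
    read = re.search(r"SSL handshake has read (\d+) bytes", output)
    number = int(alert.group(1)) if alert else None
    nread = int(read.group(1)) if read else None
    return {
        "alert": ALERT_DESCRIPTIONS.get(number, number),
        "bytes_read": nread,
        # 7 bytes is one lone alert record: the ClientHello was refused
        # before any ServerHello or Certificate message was sent.
        "rejected_client_hello": nread == 7 and alert is not None,
    }


# Constructed sample: fatal(2) handshake_failure(40), record version (3, 1).
SAMPLE_RECORD = bytes([21, 3, 1, 0, 2, 2, 40])
# Fragments of two lines from the TLS 1.2 attempt in the question.
SAMPLE_OUTPUT = ("s3_pkt.c:1262:SSL alert number 40\n"
                 "SSL handshake has read 7 bytes and written 0 bytes\n")
```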