Error: Client requests stronger encryption than server allows

Issue

When attempting to upload to or download files from an Aspera server, the transfer fails with the following error message:

Server aborted session: Client requests stronger encryption than server allows

This is due to the transfer being encrypted, and the server being configured to accept or send only non-encrypted transfers.

Solution

You must either initiate non-encrypted transfers to the server, or the server must be configured to allow encrypted transfers.

To send non-encrypted transfers on the GUI, right click on an existing transfer or hot folder and select Edit. Click the Security tab, and make sure the Encrypt data in transit option is not selected. Content protection can still be used as normal. Any future transfers should be made without enabling the Encryption option.

unencrypted_transfers_gui.jpg

To send non-encrypted transfers on the command line via ascp, add the -T flag to disable encryption, as below:

ascp -T file transfer_user@host:/

To configure the server to allow encrypted transfers, click the Configuration button in the GUI. On the left, click either Global, Groups or Users depending on whether you want to allow encrypted transfers for all transfers, for transfers to users belonging to a group, or only for transfers to a specific user.

On the right, click the Authorization tab. Find Encryption Allowed at the bottom. The none value only allows non-encrypted transfers. Change the value to any to allow both encrypted and non-encrypted transfers, or select aes-128 to only allow encrypted transfers.

allow_encrypted_transfers_gui.jpg

This server encryption configuration can also be set in aspera.conf. In the appropriate section (<default> to set it globally, or in the desired group or user section), the configuration option looks like the following:

<transfer>
    <encryption>
        <allowed_cipher>any</allowed_cipher>
    </encryption>
</transfer>
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk