SSL routines:SSL23_WRITE:ssl handshake failure

Solution 1:

This looks to be a known issue with Ubuntu's 1.0.1 OpenSSL: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/965371

It doesn't look like a fix is available. If possible you could downgrade to 1.0.0.

Try openssl s_client -tls1 -connect myhost.com:443

Solution 2:

This error can be caused by an older version of openssl when it can not re-negotiate the cipher (I generated a self-signed certificate using elliptic curves).

Specifically, I was getting the same error on MacOS with default openssl - 0.9.8zh

After installing the brew version OpenSSL 1.0.2f the error went away:

~/bin/openssl s_client -connect localhost:45678 | grep Cipher

verify return:1
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-GCM-SHA384
    Cipher    : ECDHE-ECDSA-AES256-GCM-SHA384

Solution 3:

If you get this issue with a Java HTTPS server running on OpenJDK, try editing /etc/java-7-openjdk/security/java.security and commenting out the line

security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg

as discovered by Christoph W.

SSL routines:SSL23_WRITE:ssl handshake failure

Solution 1:

Solution 2:

Solution 3:

Tags:

Ssl

Openssl

Related

Recent Posts