Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

asked 2018-12-21 01:54:55 +0000

net_tech gravatar image

TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Hi,

Nginx is running on CentOS as a reverse proxy with a public cert. When devices are connecting to the service they fail with the following errors.

RC:-500 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL V3 cannot be set as min SSL protocol version. Ignoring.
RC:-500 MSS:(CERT_checkCertificateIssuer:1289) CERT_checkCertificateIssuerAux() failed: -7608
RC:-500 MSS:(CERT_validateCertificate:4038) CERT_checkCertificateIssuer() failed: -7608
RC:-7608 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL_negotiateConnection() failed: Unknown Error
RC:-500 WEBSOCKET:tera_mgmt_ssl_open_connection failed (ssl_session_id: 4)

Software vendor was unable to help, so we turned to wireshark.

Looks like we are breaking right at the certificate key exchange

Google shows several posts with the same issue, however no solution is offered. TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Any suggestions on what to check are greatly appreciated

image description

TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Hi,

Nginx is running on CentOS as a reverse proxy with a public cert. When devices are connecting connect to the service they fail with the following errors.

RC:-500 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL V3 cannot be set as min SSL protocol version. Ignoring.
RC:-500 MSS:(CERT_checkCertificateIssuer:1289) CERT_checkCertificateIssuerAux() failed: -7608
RC:-500 MSS:(CERT_validateCertificate:4038) CERT_checkCertificateIssuer() failed: -7608
RC:-7608 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL_negotiateConnection() failed: Unknown Error
RC:-500 WEBSOCKET:tera_mgmt_ssl_open_connection failed (ssl_session_id: 4)

Software vendor was unable to help, so we turned to wireshark.

Looks like we are breaking right at the certificate key exchange

Google shows several posts with the same issue, however no solution is offered. TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Any suggestions on what to check are greatly appreciated

image description

TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Hi,

Nginx is running on CentOS as a reverse proxy with a public cert. When devices connect to the service they fail with the following errors.

RC:-500 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL V3 cannot be set as min SSL protocol version. Ignoring.
RC:-500 MSS:(CERT_checkCertificateIssuer:1289) CERT_checkCertificateIssuerAux() failed: -7608
RC:-500 MSS:(CERT_validateCertificate:4038) CERT_checkCertificateIssuer() failed: -7608
RC:-7608 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL_negotiateConnection() failed: Unknown Error
RC:-500 WEBSOCKET:tera_mgmt_ssl_open_connection failed (ssl_session_id: 4)

Software vendor was unable to help, so we turned to wireshark.

Looks like we are breaking right at the certificate key exchange

Google shows several posts with the same issue, however no solution is offered. TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Any suggestions on what to check are greatly appreciated

image description

Content Type: Alert (21) Level: Fatal (2) Description: Internal Error (80)

TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Hi,

Nginx is running on CentOS as a reverse proxy with a public cert. When devices connect to the service they fail with the following errors.

RC:-500 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL V3 cannot be set as min SSL protocol version. Ignoring.
RC:-500 MSS:(CERT_checkCertificateIssuer:1289) CERT_checkCertificateIssuerAux() failed: -7608
RC:-500 MSS:(CERT_validateCertificate:4038) CERT_checkCertificateIssuer() failed: -7608
RC:-7608 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL_negotiateConnection() failed: Unknown Error
RC:-500 WEBSOCKET:tera_mgmt_ssl_open_connection failed (ssl_session_id: 4)

Software vendor was unable to help, so we turned to wireshark.

Looks like we are breaking right at the certificate key exchange

Google shows several posts with the same issue, however no solution is offered. TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Any suggestions on what to check are greatly appreciated

image descriptionContent Type: Alert (21)
Level: Fatal (2)
Description: Internal Error (80)

Content Type: Alert (21) Level: Fatal (2) Description: Internal Error (80)image description

TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Hi,

Nginx is running on CentOS as a reverse proxy with a public cert. When devices connect to the service they fail with the following errors.

RC:-500 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL V3 cannot be set as min SSL protocol version. Ignoring.
RC:-500 MSS:(CERT_checkCertificateIssuer:1289) CERT_checkCertificateIssuerAux() failed: -7608
RC:-500 MSS:(CERT_validateCertificate:4038) CERT_checkCertificateIssuer() failed: -7608
RC:-7608 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL_negotiateConnection() failed: Unknown Error
RC:-500 WEBSOCKET:tera_mgmt_ssl_open_connection failed (ssl_session_id: 4)

Software vendor was unable to help, so we turned to wireshark.

Looks like we are breaking right at the certificate key exchange

Google shows several posts with the same issue, however no solution is offered. TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Any suggestions on what to check are greatly appreciated

Content Type: Alert (21)
Level: Fatal (2)
Description: Internal Error (80)

image description

ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-CBC-SHA256:ECDHE-RSA-AES256-CBC-SHA384:DHE-RSA-AES128-CBC-SHA256:DHE-RSA-AES256-CBC-SHA256;

TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Hi,

Nginx is running on CentOS as a reverse proxy with a public cert. When devices connect to the service they fail with the following errors.

RC:-500 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL V3 cannot be set as min SSL protocol version. Ignoring.
RC:-500 MSS:(CERT_checkCertificateIssuer:1289) CERT_checkCertificateIssuerAux() failed: -7608
RC:-500 MSS:(CERT_validateCertificate:4038) CERT_checkCertificateIssuer() failed: -7608
RC:-7608 MGMT_SSL:tera_mgmt_ssl_open_connection: SSL_negotiateConnection() failed: Unknown Error
RC:-500 WEBSOCKET:tera_mgmt_ssl_open_connection failed (ssl_session_id: 4)

Software vendor was unable to help, so we turned to wireshark.

Looks like we are breaking right at the certificate key exchange

Google shows several posts with the same issue, however no solution is offered. TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)

Any suggestions on what to check are greatly appreciated

Content Type: Alert (21)
Level: Fatal (2)
Description: Internal Error (80)

image description

ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-CBC-SHA256:ECDHE-RSA-AES256-CBC-SHA384:DHE-RSA-AES128-CBC-SHA256:DHE-RSA-AES256-CBC-SHA256;

Client shows the following ciphers in the Hello
image description

Server offers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2