Forum Discussion

M_2's avatar
M_2
Icon for Altocumulus rankAltocumulus
Jun 04, 2016

serverssl profile cipher issue on server side

Hello friends,

 

I see the below error in logs, and seems issue with ciphers in my serverside ssl profile.

 

Jun 4 15:43:18 slot1/xxxxxxx info tmm1[20644]: 01260013:6: SSL Handshake failed for TCP xxxx:8899 -> xxxxx:51202

 

Please provide suggestions to fix it.

 

4 1 0.0006 (0.0006) C>S Handshake ClientHello Version 3.0 cipher suites SSL_DHE_RSA_WITH_AES_256_CBC_SHA SSL_DHE_RSA_WITH_AES_128_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA SSL_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0xff compression methods NULL 4 2 0.0043 (0.0036) S>C Handshake ServerHello Version 3.0 session_id[16]= 0e af 75 db a0 51 63 9d cc c7 1a e1 49 71 b0 30 cipherSuite SSL_RSA_WITH_3DES_EDE_CBC_SHA compressionMethod NULL 4 3 0.0044 (0.0001) C>S Alert level fatal value handshake_failure 4 0.0044 (0.0000) C>S TCP RST

 

-SAM

 

application delivery
LTM

2 Replies

  • Mathew_86305's avatar
    Mathew_86305
    Icon for Nimbostratus rankNimbostratus
    Jun 04, 2016

    I think this is happening because you configured an https monitoring to the server. Configure the correct ciphers and make sure the server is supporting the SSL Connection.

     

    Run below commands in F5 will give some details.Based on that you can configure.

     

    curl -I -L -k address

     

    openssl s_client -crlf -connect ip:port

     

  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    Jun 05, 2016

    Hi,

     

    I think that it's not a cipher issue but another option. You should activate debug logging for ssl in System >> Logs >> Configuration >> Options