Forum Discussion
Naresh_N
Nimbostratus
NimbostratusSSL handshake errors
Hi there,
Recently put TMOS version 12 into production and see following SSL handshake errors, none of which existed in version 10.2.3:
Nov 12 03:15:36 dc1lbc2p info tmm[11446]: 01260013:6:...
Naresh_NNimbostratus
NimbostratusOk. I disabled hsts and waited for 500 seconds and more, still got SSL handshake errors. Following are 2 examples when hsts was removed. Notice the "critical" in the middle of handshake and abrupt FINs sent by client and server.
New TCP connection 31: 70.114.201.226(55098) <-> x.x.x.x(443)
30 6 0.2040 (0.1128) C>SV3.3(70) Handshake
ClientKeyExchange
30 7 0.2040 (0.0000) C>SV3.3(1) ChangeCipherSpec
30 8 0.2040 (0.0000) C>SV3.3(64) Handshake
30 9 0.2053 (0.0013) S>CV3.3(1) ChangeCipherSpec
30 10 0.2053 (0.0000) S>CV3.3(64) Handshake
31 1 0.1392 (0.1392) C>SV3.3(184) Handshake
ClientHello
Version 3.3
random[32]=
56 4c 20 92 37 cd ef 90 aa 66 36 f3 aa 9f be 9e
d2 96 ac d6 6f 3f ee 4e 39 a6 d2 75 a3 c3 f5 82
cipher suites
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
NULL
31 2 0.1403 (0.0010) S>CV3.3(91) Handshake
ServerHello
Version 3.3
random[32]=
67 f0 29 68 55 5a a3 e9 5d 9d 2d 11 4b fe 44 7d
ba a8 3c c9 23 48 60 d7 63 ad b6 61 1e 53 c3 c9
session_id[32]=
c6 6c e9 26 5b f1 9d 4a 2f b5 ba 33 42 b9 c4 53
c4 0a 4f 40 29 f2 9b 2c 65 6b ac e9 12 49 14 63
cipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
compressionMethod NULL
31 3 0.1403 (0.0000) S>CV3.3(2488) Handshake
Certificate
Subject
C=US
ST=California
L=Mountain View
O=abc, Inc.
OU=Network Operations
CN=*.abc.net
Issuer
C=US
O=thawte, Inc.
CN=thawte SHA256 SSL CA
Serial 49 a1 db 0d 32 5e a5 16 dd 0b 5c 71 eb ec f3 6a
Extensions
Extension: X509v3 Subject Alternative Name
Extension: X509v3 Basic Constraints
Extension: X509v3 Certificate Policies
Extension: X509v3 Key Usage
Critical
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: X509v3 Extended Key Usage
Extension: Authority Information Access
Subject
C=US
O=thawte, Inc.
CN=thawte SHA256 SSL CA
Issuer
C=US
O=thawte, Inc.
OU=Certification Services Division
OU=(c) 2008 thawte, Inc. - For authorized use only
CN=thawte Primary Root CA - G3
Serial 36 34 9e 18 c9 9c 26 69 b6 56 2e 6c e5 ad 71 32
Extensions
Extension: Authority Information Access
Extension: X509v3 Basic Constraints
Critical
Extension: X509v3 Certificate Policies
Extension: X509v3 CRL Distribution Points
Extension: X509v3 Key Usage
Critical
Extension: X509v3 Subject Alternative Name
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
31 4 0.1404 (0.0000) S>CV3.3(333) Handshake
ServerKeyExchange
31 5 0.1404 (0.0000) S>CV3.3(4) Handshake
ServerHelloDone
30 11 0.3403 (0.1350) C>SV3.3(544) application_data
30 12 0.3436 (0.0032) S>CV3.3(1456) application_data
30 13 0.3436 (0.0000) S>CV3.3(1488) application_data
30 14 0.3436 (0.0000) S>CV3.3(1488) application_data
30 15 0.3436 (0.0000) S>CV3.3(144) application_data
30 16 0.3441 (0.0004) S>CV3.3(1488) application_data
30 17 0.4304 (0.0862) S>CV3.3(1488) application_data
30 18 0.4304 (0.0000) S>CV3.3(1488) application_data
30 19 0.4304 (0.0000) S>CV3.3(1488) application_data
30 20 0.4304 (0.0000) S>CV3.3(1488) application_data
30 21 0.4304 (0.0000) S>CV3.3(1488) application_data
30 22 0.4304 (0.0000) S>CV3.3(1040) application_data
31 0.7382 (0.5978) C>S TCP FIN
31 0.7383 (0.0000) S>C TCP FIN
13 11 9.1953 (9.1702) C>SV3.3(448) application_data
13 12 9.1978 (0.0024) S>CV3.3(1472) application_data
13 13 9.1978 (0.0000) S>CV3.3(1520) application_data
13 14 9.1978 (0.0000) S>CV3.3(1520) application_data
13 15 9.1978 (0.0000) S>CV3.3(176) application_data
13 16 9.1980 (0.0001) S>CV3.3(1520) application_data
13 17 9.1980 (0.0000) S>CV3.3(1520) application_data
13 18 9.1981 (0.0001) S>CV3.3(1520) application_data
13 19 9.1981 (0.0000) S>CV3.3(1520) application_data
13 20 9.1982 (0.0001) S>CV3.3(1520) application_data
13 21 9.2086 (0.0103) S>CV3.3(1520) application_data
13 22 9.2098 (0.0011) S>CV3.3(1328) application_data
New TCP connection 254: 81.169.237.146(49648) <-> x.x.x.x(443)
254 1 0.1686 (0.1686) C>SV3.1(160) Handshake
ClientHello
Version 3.1
random[32]=
4f e0 34 c6 b9 14 78 a8 d4 5c c8 bd 85 9c 4a 75
03 aa b4 69 4d e4 8a 1f ff 64 0b 25 e9 07 33 dd
cipher suites
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
NULL
254 2 0.1697 (0.0010) S>CV3.1(87) Handshake
ServerHello
Version 3.1
random[32]=
42 31 2f 60 10 8f 42 75 ab ed 8a d9 03 32 16 7e
b5 6e 06 64 62 9c 1e ec d5 fd 40 58 49 73 18 eb
session_id[32]=
c3 46 ec 69 a6 db 70 1d cb ae a2 bc 2f c2 39 44
6c 11 05 cf b4 d9 76 1b 2a 50 89 36 3f 92 c9 94
cipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
compressionMethod NULL
254 3 0.1697 (0.0000) S>CV3.1(2488) Handshake
Certificate
Subject
C=US
ST=California
L=Mountain View
O=abc, Inc.
OU=Network Operations
CN=*.abc.net
Issuer
C=US
O=thawte, Inc.
CN=thawte SHA256 SSL CA
Serial 49 a1 db 0d 32 5e a5 16 dd 0b 5c 71 eb ec f3 6a
Extensions
Extension: X509v3 Subject Alternative Name
Extension: X509v3 Basic Constraints
Extension: X509v3 Certificate Policies
Extension: X509v3 Key Usage
Critical
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: X509v3 Extended Key Usage
Extension: Authority Information Access
Subject
C=US
O=thawte, Inc.
CN=thawte SHA256 SSL CA
Issuer
C=US
O=thawte, Inc.
OU=Certification Services Division
OU=(c) 2008 thawte, Inc. - For authorized use only
CN=thawte Primary Root CA - G3
Serial 36 34 9e 18 c9 9c 26 69 b6 56 2e 6c e5 ad 71 32
Extensions
Extension: Authority Information Access
Extension: X509v3 Basic Constraints
Critical
Extension: X509v3 Certificate Policies
Extension: X509v3 CRL Distribution Points
Extension: X509v3 Key Usage
Critical
Extension: X509v3 Subject Alternative Name
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
254 4 0.1697 (0.0000) S>CV3.1(331) Handshake
ServerKeyExchange
254 5 0.1697 (0.0000) S>CV3.1(4) Handshake
ServerHelloDone
69 64.4153 (59.9118) S>C TCP FIN
69 64.4152 C>S TCP FIN
225 11 10.0037 (9.8402) C>SV3.1(752) application_data
225 12 10.0063 (0.0025) S>CV3.1(480) application_data
254 0.3390 (0.1692) C>S TCP FIN
254 0.3391 (0.0000) S>C TCP FIN