Forum Discussion

Mohit_Pathk's avatar
Mohit_Pathk
Icon for Nimbostratus rankNimbostratus
Aug 18, 2016

SSL Handshake failure

Hello, I need help with one situation.

 

We have one application behind F5. We are terminating SSL on F5. When we access application through normal web browser we get desired output. But when we try the same application with SoapUI we do not get the output.

 

we tried to debug and packet capture and we found that SSL handshake failure causes the issue. with my limited knowledge I tried to extract ssldump and output shows that ssl failure occurred, but i am not able to find out the reason for the same.

 

below you can find the output of ssldump: please let me know if you have any suggestion to troubleshoot the issue further:

 

  • The odd thing is that you're actually completing the SSL handshake (it's the application_data messages). And it looks like you're doing mutual (client certificate) authentication successfully.

    Since you're doing an RSA handshake, you should be able to put the server's private key into the SSLDUMP and attempt to decrypt.

    ssldump -AdNn -i [interface] -k [path to private key] port 443 [and additional filters]
    

    There's something happening just after the handshake that's causing the issue, so it'll help to see the decrypted payload.

  • Is that SoapUI access is FQDN? If yes do you have SSL trusted root CA loaded in the client machine where the soap calls running from?

     

    -Jinshu

     

  • New TCP connection 1: 106.yy.yy.yy(13829) <-> 193.xx.xx.xx(443)
        1 1  0.4599 (0.4599)  C>S  Handshake
              ClientHello
                Version 3.1
                cipher suites
                Unknown value 0xc009
                Unknown value 0xc013
                TLS_RSA_WITH_AES_128_CBC_SHA
                Unknown value 0xc004
                Unknown value 0xc00e
                TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                TLS_DHE_DSS_WITH_AES_128_CBC_SHA
                Unknown value 0xc007
                Unknown value 0xc011
                TLS_RSA_WITH_RC4_128_SHA
                Unknown value 0xc002
                Unknown value 0xc00c
                Unknown value 0xc008
                Unknown value 0xc012
                TLS_RSA_WITH_3DES_EDE_CBC_SHA
                Unknown value 0xc003
                Unknown value 0xc00d
                TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
                TLS_RSA_WITH_RC4_128_MD5
                Unknown value 0xff
                compression methods
                          NULL
        1 2  0.4599 (0.0000)  S>C  Handshake
              ServerHello
                Version 3.1
                session_id[0]=
    
                cipherSuite         TLS_RSA_WITH_AES_128_CBC_SHA
                compressionMethod                   NULL
        1 3  0.4599 (0.0000)  S>C  Handshake
              Certificate
        1 4  0.4599 (0.0000)  S>C  Handshake
              CertificateRequest
                certificate_types                   rsa_sign
                certificate_types                   dss_sign
                certificate_types                 unknown value
        1 5  0.4599 (0.0000)  S>C  Handshake
              ServerHelloDone
        1 6  1.5298 (1.0699)  C>S  Handshake
              Certificate
              ClientKeyExchange
        1 7  1.5486 (0.0187)  C>S  Handshake
              CertificateVerify
                Signature[256]=
                  xx 6f d1 cb e5 17 08 d4 4f 90 bd b1 e2 15 f4 0b
                  9e 7f 25 a8 2e f0 a7 1e e0 c7 22 73 37 51 eb d0
                  4c 76 0b ac c2 94 a2 aa 0f 0b 1d 8f 1f 0d 03 68
                  5d 1a b2 d4 e9 59 6d e5 8f b1 9d da c8 d2 55 77
                  5c 7c 43 9f 12 28 15 e6 52 5c cc b4 bf 28 d6 93
                  cd f9 2e ef 42 00 5c 4a bd 38 12 b7 b7 6b cc bb
                  43 a2 18 01 8a ba 55 1d 64 d2 34 a4 26 b1 63 8e
                  e9 c0 4b 26 b8 d3 34 13 df f8 dc 9c 77 59 80 17
                  be cc af 69 3a 99 50 e4 03 9c 8d 03 48 59 1c fb
                  dd ad 05 52 bf b3 b0 49 76 25 01 67 ad bf b2 20
                  03 d2 96 01 4a 21 d2 91 e1 27 ba c5 b0 f2 85 df
                  c6 3c 46 e4 5d 14 8a 7b 42 65 bf 7c 60 7d d8 06
                  3b 4a 86 41 a7 86 98 53 8f d6 fe 14 f4 82 27 6a
                  07 2c f8 24 68 52 ee e9 2c d0 68 f2 a0 7c 4f 62
                  ea 3f eb cd 01 dd cf 20 48 a2 fd b2 77 f3 9a 44
                  06 52 58 c8 52 75 e3 c2 a6 f2 d0 76 17 58 e3 42
        1 8  1.5486 (0.0000)  C>S  ChangeCipherSpec
        1 9  1.5486 (0.0000)  C>S  Handshake
        1 10 1.5498 (0.0012)  S>C  ChangeCipherSpec
        1 11 1.5498 (0.0000)  S>C  Handshake
        1 12 2.0189 (0.4690)  C>S  application_data
        1 13 2.0204 (0.0015)  S>C  application_data
        1    2.0205 (0.0000)  S>C  TCP FIN
        1 14 2.3787 (0.3582)  C>S  Alert
        New TCP connection 2: 106.yy.yy.yy(13829) <-> 193.xx.xx.xx(443)
        2 1  0.4902 (0.4902)  C>S  Handshake
              ClientHello
                Version 3.1
                cipher suites
                Unknown value 0xc009
                Unknown value 0xc013
                TLS_RSA_WITH_AES_128_CBC_SHA
                Unknown value 0xc004
                Unknown value 0xc00e
                TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                TLS_DHE_DSS_WITH_AES_128_CBC_SHA
                Unknown value 0xc007
                Unknown value 0xc011
                TLS_RSA_WITH_RC4_128_SHA
                Unknown value 0xc002
                Unknown value 0xc00c
                Unknown value 0xc008
                Unknown value 0xc012
                TLS_RSA_WITH_3DES_EDE_CBC_SHA
                Unknown value 0xc003
                Unknown value 0xc00d
                TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
                TLS_RSA_WITH_RC4_128_MD5
                Unknown value 0xff
                compression methods
                          NULL
        2 2  0.4902 (0.0000)  S>C  Handshake
              ServerHello
                Version 3.1
                session_id[0]=
    
                cipherSuite         TLS_RSA_WITH_AES_128_CBC_SHA
                compressionMethod                   NULL
        2 3  0.4902 (0.0000)  S>C  Handshake
              Certificate
        2 4  0.4902 (0.0000)  S>C  Handshake
              CertificateRequest
                certificate_types                   rsa_sign
                certificate_types                   dss_sign
                certificate_types                 unknown value
        2 5  0.4902 (0.0000)  S>C  Handshake
              ServerHelloDone
        2 6  0.9097 (0.4195)  C>S  Handshake
              Certificate
              ClientKeyExchange
        2 7  0.9097 (0.0000)  C>S  ChangeCipherSpec
        2 8  0.9097 (0.0000)  C>S  Handshake
        2 9  0.9098 (0.0000)  S>C  Alert
            level           fatal
            value           handshake_failure
        2    0.9098 (0.0000)  S>C  TCP FIN
        2    1.1489 (0.2391)  C>S  TCP FIN