Forum Discussion

chester_16314's avatar
chester_16314
Icon for Nimbostratus rankNimbostratus
Aug 08, 2013

SSL Read Error

I have a strange problem that I'm trying to sort out. I have a vendor (Mandrill) that is POSTing a webhook to a site that I have sitting behind my BigIP. BigIPis managing the certificate for the cl...
app sec
BIG-IP Access Policy Manager (APM)
security
irig4u_152672's avatar
irig4u_152672
Icon for Nimbostratus rankNimbostratus
Jan 05, 2018

Tried creating a scenario in lab to reproduce the error 'SSL read: error:00000000:lib(0):func(0):reason(0), errno 104' , the one that I used to repro error was to configure BIG-IP to default serverssl (v12.1.2) which does not have sslv3 to use and configured server to only accept sslv3.

 

Tested with curl and managed to get the exact same message in output

 

GET / HTTP/1.1 User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 OpenSSL/1.0.1l zlib/1.2.3 libidn/1.18 Host: 1.1.1.6 Accept: /

 

  • SSL read: error:00000000:lib(0):func(0):reason(0), errno 104
  • Closing connection 0

I suppose this would apply even when there is no cipher supported by the destination server that is offered by the client.

 

Capturing the data on the wire if you should see server responding to client hello with a handshake failure alert then its probably the same condition I tested on.