Certificate Issue : unable to find valid certification path to requested target
Hello, We deployed a staging e-payment application, using a Virtual Server with these properties : port : https protocol profile : mptcp-mobile-optimized HTTP Profile : XFF SSL Profile : 2 certificates - The issued certificate & a second certificate with Default SSL Profile for SNI SNAT Pool : ip in the same subnet as nodes. Pool : 2 pool members with port 7010 I'm using public certificates (signed by CA Verisign G5 & CA Symantec G4) the web page is displayed correctly, & SSL checks says all is ok (tested with "; & ";) the actual issue is that transaction doesn't pass over https (in http it works fine) here's the error message relived from client side : -An exception occured in HTTPProcess sendMessage. Exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. - doPost exception encountered. Exception: java.lang.NullPointerException. can you support us please?ssl_error_rx_record_too_long error
Hey guys, Have issue where in our prod environment I get ssl_error_rx_record_too_long when using ff. This works in our staging environment but our in our prod env we get this error. I verified both certs we are using match staging and prod as well the ciphers. I also did a capture from my laptop and did see any issues during the ssl handshakes and or cipher exchange. Has anyone experienced this before ? Thanks
SSL Handshake errors
We are facing intermittent issues in our Exchange connectivity thats loadbalanced in F5 boxes (LTM version is 11.3.0 HF6 ). On observing the LTM logs, I noticed many instances of SSL handshake failures. Will these errors have any impact of the connectivity? Any idea how to resolve these errors. 01060111:3: Open SSL error - error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol. 01060111:3: Open SSL error - error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure. 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure. 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure. 01260013:6: SSL Handshake failed for TCP from x.x.x.x:62373 to y.y.y.y:443 01260013:6: SSL Handshake failed for TCP from x.x.x.x:45849 to y.y.y.y:443
SSL Handshake error
I have one of my VIP configured to use SSL profile, ssl handshake is failing. I have tried using default ciphers and also tried using All ciphers but still the handshake is failing. Here is the tcp dump. New TCP connection 1: 10.xx.xx.254(3990) <-> xx.xx.xx.131(443) 1 0.2331 (0.2331) C>S TCP RST New TCP connection 2: 10.xx.xx.254(30154) <-> xx.xx.xx.131(443) 2 0.2337 (0.2337) C>S TCP RST New TCP connection 3: 10.xx.xx.253(40997) <-> xx.xx.xx.131(443) 3 1 0.2318 (0.2318) C>S Handshake ClientHello Version 3.3 cipher suites TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA Unknown value 0xc028 Unknown value 0xc014 Unknown value 0xc027 Unknown value 0xc013 Unknown value 0xc012 Unknown value 0xff compression methods NULL 3 2 0.4649 (0.2331) S>C Handshake ServerHello Version 3.1 session_id[32]= f6 2f cf 54 10 74 f3 07 70 88 39 b4 d2 3b af bb f7 bc d3 a4 e1 67 2e 80 60 39 59 43 e9 61 bf 22 cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA compressionMethod NULL 3 3 0.4650 (0.0000) C>S Alert level fatal value handshake_failure 3 0.4651 (0.0000) C>S TCP RST
