SSL server handshake failure" 0 310000:1 ../ssl_proxy/sslproxy_worker.cpp:3042 Error on ProxySG


<< Back to Knowledge Search

Solution

Overview

Why am I getting a lot of SSL server handshake errors on the ProxySG appliance?

Cause

A good way of finding what is causing this is to look at the Active Sessions (Management Console > Statistics > Sessions > Errored sessions). In this case we can see Google talk is causing the error:

 talk.google.com:443 - - - REQMOD: inactive RESPMOD: inactive 20 sec 176 0 n/a - - - P BM (D) Explicit HTTP SSL SSL(error) : "Missing SSL server certificate"    0 sec

Google talk will by default try to connect over port 443. It is an application. The site does not provide a server certificate, which is required for the SSL proxy to work.

Any site which does not provide a certificate will result in this error. To resolve the error, bypass the SSL proxy for this site.

 

Resolution
One option to workaround this issue is to disable protocol detection for the site.
 
<Proxy>
url.regex="website.com" detect_protocol(no)
 

 

 

Workaround
Additional Information
Bug Number
InQuira Doc IdKB4778
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      12/01/2014
Last Published      12/01/2014
Article Audience
Product      ProxySG
Article Number      000016964
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat