openssl s_client connection fails
Matt Caswell
matt at openssl.org
Wed Nov 18 11:40:33 UTC 2020
On 18/11/2020 11:24, Patrice Guérin wrote:
> 3072988928:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
> handshake failure:../ssl/record/rec_layer_s3.c:1407:SSL alert number 40
This is a very generic "something went wrong" alert that is being
received from the server and could be due to any number of issues. Do
you have access to the server in question? If so there may be more clues
in the server logs that might explain it.
> Does anybody have an idea on what's going wrong ?
One thing that springs to mind that often goes wrong is SNI handling.
s_client changed between 1.1.0 and 1.1.1 to always provider SNI by
default. If the server requires SNI then it could explain this
behaviour. Your can add SNI in 1.1.0 by using the "-servername" command
line option followed by the name of the server in question, e.g.
$ openssl s_client -connect www.openssl.org -port 443 -servername
www.openssl.org
Matt
>
> Thank you in advance.
> Kind regards
> Patrice.
>
More information about the openssl-users
mailing list