[openssl-users] SSL3_GET_CLIENT_HELLO:required cipher missing

Eric R. erafaloff at gmail.com
Thu Jan 15 05:03:00 UTC 2015

For the past week I've been noticing many entries like this in our nginx
error logs:

SSL_do_handshake() failed (SSL: error:1408A0D7:SSL
routines:SSL3_GET_CLIENT_HELLO:required cipher missing) while SSL

What does the error "required cipher missing" mean exactly? Some of our
users reported that their browser gave them an SSL connection error and
then it went away. Others can no longer connect to our site at all. I've
had a look at the OpenSSL source code and I think the error is related to
checking that the server still supports the last cipher a session used. Is
this correct? The only change I can think of that may affect our list of
available ciphers was an update to the latest version of OpenSSL that
CentOS 5 provided back in November. That was two months ago though, and
other than that I can't think of what could be causing this.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150115/6f6f440a/attachment.html>

More information about the openssl-users mailing list