[openssl-users] Failed TLSv1.2 handshake with error 67702888--bad signature

Nounou Dadoun nounou.dadoun at avigilon.com
Thu Feb 25 22:42:05 UTC 2016

  I'm trying to troubleshoot some development code which is enabling TLSv1.1 and 1.2 and failing. Have an odd tls handshake failure, with an error number that I can find any documentation about (is there any?) that indicates "67702888--bad signature" which is being logged on the server side; and I'm trying to see where in the handshake things are falling apart.

Looks like it's negotiating tls1.2 and agreeing on TLS_RSA_WITH_AES_256_CBC_SHA256 but the client seems to be sending a certificate although I don't see it requesting mutual authentication.

I've attached a very short wireshark capture - does anyone know what that error code might be related to or can give me a hint as to what's going awry here?  Thanks ... N

Nou Dadoun
Senior Firmware Developer, Security Specialist

Office: 604.629.5182 ext 2632 
Support: 888.281.5182  |  avigilon.com
Follow Twitter  |  Follow LinkedIn

This email, including any files attached hereto (the "email"), contains privileged and confidential information and is only for the intended addressee(s). If this email has been sent to you in error, such sending does not constitute waiver of privilege and we request that you kindly delete the email and notify the sender. Any unauthorized use or disclosure of this email is prohibited. Avigilon and certain other trade names used herein are the registered and/or unregistered trademarks of Avigilon Corporation and/or its affiliates in Canada and other jurisdictions worldwide.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: jkcapture.pcapng
Type: application/octet-stream
Size: 13520 bytes
Desc: jkcapture.pcapng
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160225/ac911309/attachment.obj>

More information about the openssl-users mailing list