We tried to reach https://ccremote.computacenter.de/
Using 7.5.2 we receive the error error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:SSL error at server handshake:state 25:Application response 500 handshakefailed
Usind 7.7.0 it works..
Both same SSL configuration
If there is no difference in the SSL config, we will still have different libraries. Also there have been changes due to SSL vulnerabilities in several versions.
Which exact 7.5.2 version did you use to test?
I was unable to reproduce the issue with 18.104.22.168 but maybe I have used another configuration.
We solve the problem.
This is related to TLS 1.2. We use 22.214.171.124. We defined a fallback to TLS 1.1 and everything works. Nevertheless: TLS 1.2. does not work with this server. (other serves with 1.2 works without any problems)
Other general questions:
What will be copied to the new certificate:
The commonname 1:1?
What happens with wildcard zertificates? copies the wildcard CN or does the proxy change the CN to the real one?
What happens to SAN (Subject Alternative Names) ?