I have two proxy appliances placed. One with version 220.127.116.11.0(21927) and the other with 18.104.22.168 (24164).
Accessing a URL from a network which points to the 7.6 version proxy gives me an error of SSL error at server handshake:state 25:Application response 500 handshakefailed, and the other works fine when I redirect to the 22.214.171.124 one.
Rules are same across both the proxies.
Rule tracing shows the SSL packet getting dropped. Looks like the proxy must be dropping certain ciphers.
Please suggest on this.
I think the best is to open a ticket with support, name the website on which the issue occurs and attach a feedback file and rule trace (from both systems, 7.6.2 and 7.7.2) as well as a screenshot of the error message.
Such issues can be caused by wrongly entered ciphers or settings.
With the feedback file and rule trace it can be further investigated.
Then we can also try to reproduce this issue with your policy and test different ciphers/settings.
Further, is there a reason why one appliance is still on 7.6.2 and not running on 7.7.2 as the other?
Is upgrading to the latest version not an option for this appliance?
Usually when I see this--and I've worked many of these--it's the distant server that's dropping the connection. Sometimes they're nice enough to send an SSL error, while others just drop the socket. Either way, it won't tell you anything about why the handshake failed.
Submit the destination host here: SSL Server Test (Powered by Qualys SSL Labs).
When that test completes, examine the cipher list. Most of those that I've worked like this don't handle ciphers better than SHA1 and 3DES, but there are other possible issues.
You can create multiple SSL scanner/certificate verification settings and apply them selectively for different destinations by way of a white list.
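An added example, not part of the thread and not vendor code: once the SSL Labs report gives a destination's cipher list, this sketch compares it with the suites the proxy is allowed to offer and says whether the host shares a suite, only speaks legacy suites (SHA1/3DES class, a candidate for separate whitelisted settings), or offers modern suites the proxy's list simply lacks. Host names and both cipher lists are constructed, and it assumes suites are written as IANA names, as the SSL Labs report lists them.

```python
import re

LEGACY_ENC = ("3DES", "DES", "RC4")  # 3DES as named in the thread, plus older relatives
LEGACY_HASH = ("SHA", "MD5")         # a bare "SHA" suffix in a suite name means SHA-1

def parse_suite(name):
    """Split an IANA suite name into key exchange, encryption and hash parts."""
    m = re.fullmatch(r"TLS_(?:(.+)_WITH_)?(.+)_(SHA\d*|MD5)", name)
    if not m:
        raise ValueError(f"unrecognised suite name: {name}")
    kx, enc, digest = m.groups()
    # TLS 1.3 names carry no key-exchange part (no "_WITH_")
    return {"kx": kx or "TLS1.3", "enc": enc, "hash": digest}

def is_legacy(name):
    p = parse_suite(name)
    return p["enc"].startswith(LEGACY_ENC) or p["hash"] in LEGACY_HASH

def diagnose(proxy_allowed, server_offered):
    """Return (verdict, shared suites) for one destination host."""
    if not server_offered:
        raise ValueError("empty server cipher list")
    shared = [s for s in server_offered if s in proxy_allowed]
    if shared:
        return "ok", shared
    if all(is_legacy(s) for s in server_offered):
        return "legacy-only", []          # server cannot do better than SHA1/3DES
    return "proxy-list-mismatch", []      # server is modern; proxy list is too narrow

# Constructed sample data (hypothetical proxy setting and hosts).
PROXY_ALLOWED = {
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
}
HOSTS = {
    "legacy.example": ["TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA"],
    "modern.example": ["TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                       "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"],
    "chacha.example": ["TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"],
}

if __name__ == "__main__":
    for host, offered in HOSTS.items():
        print(host, *diagnose(PROXY_ALLOWED, offered))
```

A "legacy-only" host is one to handle with its own SSL scanner settings rather than by weakening the default list for every destination.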