4 Replies Latest reply on Feb 17, 2016 9:50 AM by stifi

    error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure on access to https://surveymonkey.com/

    stifi

      Hi there

      We recognized an ssl handshake error on accessing the url https://surveymonkey.com (detailed error message is "error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure"). Having a deeper look to the ssl handshake using tcpdump we determined that the webserver on https://surveymonkey.com seems not to be willing to accept any of the ciphers offered by our webwasher (version is 7.5.1, openssl version is 1.0.1j-fips).

       

      Running an ssh handshake from the command line using the command "openssl s_client -connect surveymonkey.com:443 -tls1_2" fails as you would expect. Running the same command from another system using openssl 1.0.1f succeeds, this is the cipher which is offered from the webserver:

       

      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

       

      Unfortunately this is not in the list of the supported ciphers on the webwasher. From my understanding the openssl version running on our webwasher is not capable to offer that cipher. That means that we are also not able to enlarge the actual Server cipher list on the webwasher which is "ALL:!ADH:+RC4:@STRENGTH".

       

      So how to securely allow access to that website?

       

      Thanks for any hints, Stefan