4 Replies Latest reply on Aug 27, 2016 10:50 PM by btlyric

    SSL handshake errors on Ver 7.5.2.8 - NOT a SHA1 only site

    matthew.stokes

      Has anyone else noticed an uptick in SSL handshake failures after upgrading to 7.5.2.8.0. Here is the message we are typically getting when these sites fail:

       

      Reason: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:SSL error at server handshake:state 25:Application response 500 handshakefailed

       

      Of course we can bypass SSL scanning for these sites but that's probably not the preferred solution. We've have the recommended POODLE configuration already.

       

      I understand there is a problem with SHA1 fallback but I'm seeing handshake failures on sites that are SHA2 as well. Below are a couple of examples:

       

      https://www.epsoninsider.com

       

      https://pbctax.com/services/property-tax/real-estate-property-tax