Just double checking

Mradr1 · November 17, 2017, 4:51pm

Normally I get a different error, but we’re testing android devices and notice a new error today:
Cannot establish TLS with client (sni: clients4.google.com): TlsException(“SSL handshake error: Error([(‘SSL routines’, ‘ssl3_read_bytes’, ‘sslv3 alert certificate unknown’)],)”,)

Not sure if it’s the same as getting:
Cannot establish TLS with client (sni: clients1.google.com): TlsException("(-1, ‘Unexpected EOF’)",)

I mean I understand if it’s a certificate error, but that is working nice so far. Just seems like we’re getting a lot of errors for the SSLV3 alert instead of the other error. Just didn’t know the different in this case or if they’re the same error. Is one for normal none trusting and the other for certificate pin issues?

mhils · November 25, 2017, 11:01am

Hey,

Different TLS clients abort connections at different points in time. Some sent an “unknown CA” error, which makes it easy for us to diagnose, others don’t. The unexpected EOF can very well be a “client does not trust the certificate”, a general network error, or a TLS incompatibility. If you have this consistently in a local network, the first option is probably the most likely.

amankumarjain · December 7, 2017, 7:31pm

@mhils
Hi why we receive 1st error in most https interception, how to debug and solve it.

Topic		Replies	Views
TLS problem. SSL Handshake error SysCallError(-1, 'Unexpected EOF')	1	4246	August 24, 2017
"sslv3 alert handshake failure" - How to find out what's causing this help	1	4015	March 23, 2018
Newbie alert: Running into sslv3 alert unexpected message	2	3619	June 25, 2017
Custom certifaicate used for *.facebook.com help	4	3822	December 16, 2017
Sslv3 alert handshake failure help	1	4070	November 25, 2017

Just double checking

Related topics