Sslv3 alert handshake failure

Hello. I’m hitting a strange error with mitmproxy that I can’t seem to figure out.

I’m trying to use it during development of a web app I’m making, but when trying to visit the site in Safari or Firefox I get the following error:

502 Bad Gateway

TlsProtocolException('Cannot establish TLS with some.url:443 (sni: some.url): TlsException("SSL handshake error: Error([(\'SSL routines\', \'ssl3_read_bytes\', \'sslv3 alert handshake failure\')],)",)',)

After some searching it seems like a lot of people hit this error because they hadn’t yet trusted the mitmproxy cert locally. However I have done that, and I can access every other https website I’ve tried, it’s just my web app that doesn’t work.

The command I’m running is just mitmproxy, no -T or --ignore or anything else used. I did try --insecure to see if that resolved my issue but it didn’t work.

Also, I’m not sure if this is relevant, but my nginx config for the web app doesn’t even support SSL 3, I’ve only enabled the following protocols: ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Thanks for any help.

Here’s my mitmproxy version info, the latest homebrew version:
Mitmproxy version: 2.0.2 (release version)
Python version: 3.6.3
Platform: Darwin-17.2.0-x86_64-i386-64bit
SSL version: OpenSSL 1.1.0g 2 Nov 2017
Mac version: 10.13.1 (’’, ‘’, ‘’) x86_64

Hi @tmalloy,

The error your are seeing indicates that mitmproxy cannot negotiate a TLS connection with your server. There could be many reasons for that, for example we by default only enable a limited set of secure ciphers. We internally use OpenSSL, which tends to be quite compatible with stuff otherwise. If you run against your server, do you see anything that sticks out?