SSL Handshake Failed

For technical support for all editions of CSS HTML Validator. Includes bug reports.
Post Reply
Landon_Luko
Rank 0 - Newcomer
Rank 0 - Newcomer
Posts: 2
Joined: Thu Oct 26, 2017 10:01 am

SSL Handshake Failed

Post by Landon_Luko » Thu Oct 26, 2017 10:16 am

There's a site I'm trying to validate using Batch Wizard. The site works fine when I go to it manually; however, when I run Batch Wizard, I keep getting the same error:
Failed Count: 1, Error: 10053, Status: 404, Reason: SSL handshake failed - error:14094458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name. This target will not be processed (tried 3 times).
I've tried everything I can think of, and I can't seem to find something related to this error on this forum or the main website. Is there a way I can fix this?

Thanks

User avatar
Albert Wiersch
Site Admin
Site Admin
Posts: 3236
Joined: Sat Dec 11, 2004 9:23 am
Location: Near Dallas, TX
Contact:

Re: SSL Handshake Failed

Post by Albert Wiersch » Thu Oct 26, 2017 5:22 pm

Hello,

Are you able to send me a Batch Wizard target list containing a URL that can be used to reproduce the problem?

I think your server is rejecting the request for some reason, but I'm not sure why.
Image
Albert Wiersch

Landon_Luko
Rank 0 - Newcomer
Rank 0 - Newcomer
Posts: 2
Joined: Thu Oct 26, 2017 10:01 am

Re: SSL Handshake Failed

Post by Landon_Luko » Fri Oct 27, 2017 11:08 am

For some reason, I can't send it to you via this forum. I just emailed you the list file.

User avatar
Albert Wiersch
Site Admin
Site Admin
Posts: 3236
Joined: Sat Dec 11, 2004 9:23 am
Location: Near Dallas, TX
Contact:

Re: SSL Handshake Failed

Post by Albert Wiersch » Fri Oct 27, 2017 2:12 pm

Thank you. I received the target list and ran it without any problems but my run was limited to 20 targets.

Is there a specific URL that is causing the problem?

I also received this information from someone who knows more about SSL issues than I do:
SSL handshake failures are difficult to diagnose, despite the seemingly extensive error messages.

Most of the time, handshake errors are down to incompatible ciphers and protocols, the server might have ancient support and the client demands
modern protocols, or vice versa.

'unrecognized name' might relate to Server Name Indication which was not supported with SSL, only TLS.

The best diagnostic is put the remote host name into an SSL server test tool, like:

https://www.ssllabs.com/ssltest/

which will throw hundreds of SSL packets are the server and generate an extensive report it's capabilities, or lack of them. This will almost
certainly explain what is wrong.
Can you run the URL/sever through the test at https://www.ssllabs.com/ssltest/ and let me know if that helps? Perhaps the web server needs to be updated.

If none of this helps then please provide more details and the results of the SSL test.
Image
Albert Wiersch

Post Reply