ReviewBoard SSLV3_ALERT_HANDSHAKE_FAILURE - ssl

When I try "rbt post" I get this error "ERROR: Could not reach the Review Board server at http://reviewboard.company.com/: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)"

If it is an internal company FQDN, try to find out whether you requesting over a companies proxy. If so, please delete your proxy envs and try again

Related

Odoo xmlrpc certification has expired

I wrote this script around 4 months ago, everything was working fine. But when I returned to this code yesterday I got the following exception:
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1108)
this happens when I run the following:
client = xmlrpc.client.ServerProxy('{}/xmlrpc/2/common'.format(odoo_server), allow_none=True)
what might be the problem?
This solution might help you out in your situation.
import ssl
xmlrpc.client.ServerProxy('{}/xmlrpc/2/common'.format(odoo_server), allow_none=True,verbose=False, use_datetime=True,context=ssl._create_unverified_context())
whats the value in odoo_server, try without http or https. try with your ip or just the domain name

SSL exception cURL error 35

I was doing a rutinary check of my web at GTMETRIX when I get this error message:
Analysis Error An error occurred fetching the page: HTTPS error: SSL
connect attempt failed error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
There may be a connectivity issue between your server and the GTmetrix
test server. Try testing from another test location or try again
later.
I was looking for answers but can't find any solution. This is the actual status of my SLL configuration:
** Configuring SSL ** testing htaccess rules...
htaccess rules test failed with error: cURL error 35:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure checking if .htaccess can or should be edited...
Any help would be appreciated.

WARN Failed to send SSL Close message(Kafka SSL configuration issue)

I have done broker and client configuration on same node.
When ssl.client.auth=none it works fine but whenever I change that property to "required", ssl.client.auth=required and enabled security.inter.broker.protocol=SSL then it gives me an issue on producer side.
[2017-12-13 11:06:56,106] WARN Failed to send SSL Close message (org.apache.kafka.common.network.SslTransportLayer)
java.io.IOException: Connection reset by peer
at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
at sun.nio.ch.IOUtil.write(IOUtil.java:65)
at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:471)
at org.apache.kafka.common.network.SslTransportLayer.flush(SslTransportLayer.java:194)
at org.apache.kafka.common.network.SslTransportLayer.close(SslTransportLayer.java:161)
at org.apache.kafka.common.network.KafkaChannel.close(KafkaChannel.java:45)
at org.apache.kafka.common.network.Selector.close(Selector.java:442)
at org.apache.kafka.common.network.Selector.poll(Selector.java:310)
at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:256)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:216)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:128)
at java.lang.Thread.run(Thread.java:745)
Any solution for this?
As mentioned in the comments, the answer was found by the asker:
Its resolved.This issue comes when signed certificate of the server
did not match with client keystore. We need to generate client
keystore and import the the signed certificate of the server to client
keystore.

ERROR: Fetching the page failed because other errors. Twitter Cards Issue

When I go to https://cards-dev.twitter.com/validator and enter https://piktoria.com/blog/instagram-to-drive-sales/ and adlatch.com
Validator says - Unable to render Card preview
ERROR: Fetching the page failed because other errors.
So because of that when i share anything on twitter, don't get any snippets, tried twitter support they say:
"There's something wrong with your SSL setup - I am seeing SslHandshakeException: handshake alert: unrecognized_name at remote address in my debug log which I suspect means that your server name does not match the certificate, or something similar."
Can anyone help in solving this issue
This problem happened with me also But i managed to Fix It when twiiter told me to check SSL Settings
I got the point The problem was From AES256 and AES128 (For NgiNx Web Server) You need to enable AES128
Here is Snippet
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384!AES128:!3DES';
As you see in the Snippet the AES128 is Disabled(!)
you need to remove the ! From AES128 So the Code will be:
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:!3DES';
This might be a post a bit old, but you can get this error due to a different TLS configuration.
When I looked into my webserver error logs, I encountered the following error:
2021/05/12 19:41:31 [crit] 16585#16585: *44673 SSL_do_handshake() failed (SSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol) while SSL handshaking, client: X.X.X.X, server: X.X.X.X:443
It looks like twitter, as of now, does not support TLSv1.3 for getting the cards, and the solution is to also enable TLSv1.2. If you use the intermediate configuration from Mozilla's ssl-config tool that is good enough.
See https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1d&guideline=5.6

ASIHTTPRequestErrorDomain : (possibly a bad/expired/self-signed certificate)

When I access website API using https, the ASIHTTPRequest can't get response. I got the error below:
ASI error:: Error Domain=ASIHTTPRequestErrorDomain Code=1 "A connection failure occurred: SSL problem (possibly a bad/expired/self-signed certificate)" UserInfo=0x4e5ccd0 {NSUnderlyingError=0x4e5ce40 "The operation couldn’t be completed. (OSStatus error -9807.)", NSLocalizedDescription=A connection failure occurred: SSL problem (possibly a bad/expired/self-signed certificate)}
I guess I got this error because I generated the SSL certificate by myself, instead of purchasing one. Is that right? Does "SSL problem (possibly a bad/expired/self-signed certificate)} " mean i should purchase a SSL certificate for my server?
You're correct, a self-signed SSL Cert will cause this error. That said, you're not forced to purchase an SSL Cert.
If this were for an internal application, I'd just disable the Cert check with the following:
[request setValidatesSecureCertificate:NO];