Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 15169 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS SSL errors

wingman
Hi All

I getting some strange errors out of the blue:

2009:11:27-07:55:31 stuffman httpproxy[5133]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.2.11" user="wingman" statuscode="403" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="3345" time="0 ms" request="0xb15de280" url="rsi.hotmail.com/.../rsi.asmx" exceptions="" error="" reputation="trusted" category="156" reputation="trusted" categoryname="Web Mail"
2009:11:27-07:55:31 stuffman httpproxy[5133]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.2.11" user="wingman" statuscode="403" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="3345" time="0 ms" request="0xb1521ad0" url="rsi.hotmail.com/.../rsi.asmx" exceptions="" error="" reputation="trusted" category="156" reputation="trusted" categoryname="Web Mail"
2009:11:27-07:57:31 stuffman httpproxy[5133]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="1043" time="154 ms" request="0xb05f8ae0" url="www.astaro.org/.../gif"
2009:11:27-07:57:31 stuffman httpproxy[5133]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="wingman" statuscode="200" cached="0" profile="REF_gTJkfSrJvf (Trusted clients HTTPS)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="1018" time="153 ms" request="0xb05f2a58" url="www.astaro.org/.../gif"
2009:11:27-07:58:14 stuffman httpproxy[5133]: [0xabceb7d8] ssl_log_errors (ssl.c:41) C: 5133:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:842:



There are two issues.
1)https://rsi.hotmail.com is blocked (web mail category is allowed)
2)getting strange SSL errors every now and then but I can understand what the issue is

thanks


This thread was automatically locked due to age.
Parents
  • 0
    Thanks for the detailed explaination. However, what it doesn't make sense to me is the fact that some specific websites introduce that error for myself and not for other users and vice versa. For example, I never had an issue with live.com ,but a user has 

    He is getting errors like : 

    2009:12:28-07:15:56 aecnn httpproxy[6871]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x93c79e0" function="ssl_log_errors" file="ssl.c" line="40" message="C: 6871:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:s3_pkt.c:1054:SSL alert number 46

    2009:12:28-07:15:56 aecnn httpproxy[6871]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x93c79e0" function="ssl_log_errors" file="ssl.c" line="40" message="C: 6871:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838:


    We are all getting different error codes:838,542,288,842

    That is the reason Why I implied that there might be something "buggy" with the HTTPS handshake
Reply
  • 0
    Thanks for the detailed explaination. However, what it doesn't make sense to me is the fact that some specific websites introduce that error for myself and not for other users and vice versa. For example, I never had an issue with live.com ,but a user has 

    He is getting errors like : 

    2009:12:28-07:15:56 aecnn httpproxy[6871]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x93c79e0" function="ssl_log_errors" file="ssl.c" line="40" message="C: 6871:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:s3_pkt.c:1054:SSL alert number 46

    2009:12:28-07:15:56 aecnn httpproxy[6871]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x93c79e0" function="ssl_log_errors" file="ssl.c" line="40" message="C: 6871:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:838:


    We are all getting different error codes:838,542,288,842

    That is the reason Why I implied that there might be something "buggy" with the HTTPS handshake
Children
  • 0 in reply to wingman
    I am getting the same errors here as well attaching the log. But i am getting error code 40  any ideas how i can get astaro to scan https/ssl traffic for my home network?



    profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="43182" request="0x8d0fda28" url="www.ask.com/.../x-javascript"
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.3" dstip="208.69.152.105" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="772" request="0x8d7e4540" url="dss1.siteadvisor.com/.../Query
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.3" dstip="65.32.34.74" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="84651" request="0x8d0dd2b0" url="www.ask.com/.../x-javascript"
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.3" dstip="65.32.34.74" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="54561" request="0x8d779c30" url="www.ask.com/.../x-javascript"
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x771dd080" function="ssl_log_errors" file="ssl.c" line="49" message="S 8.21.161.6: 2911845232:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1087:SSL alert number 40
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x771dd080" function="ssl_connect" file="ssl.c" line="1048" message="ssl_handshake: Input/output error"
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="" srcip="192.168.2.3" dstip="" user="" statuscode="000" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="0" request="0x771dd080" url="8.21.161.6" exceptions="" error=""
    2011:08:29-18:51:07 AmtcCorp httpproxy[5944]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x7716c9c0" function="ssl_log_errors" file="ssl.c" line="49" message="S 8.21.161.6: 2903452528:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1087:SSL alert number 40
Cookie Information Banner