OpenSSL Handshake Failure (14094410) - Erroneous Client Certificate Check from Mobile Phone


I had the same problem, and it turns out that the problem is actually in the error message - it's confusing. If you look at the exact protocol bytes read by the server (which you removed - here is the relevant part from my log):

ssl_engine_io.c(1854): | 0000: 15 03 01 00 02

ssl_engine_io.c(1854): | 0000: 02 28

The 0x15 refers to ContentType 21, which is an alert message. "03 01" is the version and "00 02" is the length of the actual message.

"02 28" means fatal error 40, and refers to a handshake_failure, which simply means that the server didn't offer anything that the client could use. In other words, the Nokia doesn't have the required root certs to recognize your SSL cert.

When this error occurs, the server protocol state machine is waiting to read the optional client certificate. So the "SSLv3 read client certificate A" is simply the server reporting what state it was in when it received the alert message from the client.

Just slightly confusing.
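The decoding the answer does by hand, as an added example that is not part of the original answer: a small Python script that pulls the hex bytes out of mod_ssl BIO dump lines, splits them into TLS records, names the alert level and description per RFC 5246 section 7.2, and also unpacks the numeric OpenSSL error code from the question's log (336151568, which is 0x14094410) to show that its reason field is 1000 plus the same alert number. It goes beyond the alert case by also decoding a Handshake record (content type 22) such as a ClientHello, which is what a dump starting `16 03 01` is. The log lines embedded in it are the ones quoted on this page; the dump-line regex and the OpenSSL error-code layout (lib << 24 | func << 12 | reason, with ERR_LIB_SSL = 20 and alert reasons at 1000 + description) are my reading of the OpenSSL 0.9.8/1.0 headers, not something the answer states.

```python
"""Decode TLS record bytes from a mod_ssl 'BIO dump' and the matching OpenSSL error code.

Added example, not code from the original answer. The log lines embedded below are
copied from this page; the tables are RFC 5246 / OpenSSL bookkeeping.
"""
import re
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
# AlertDescription values from RFC 5246 section 7.2
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac", 22: "record_overflow",
    30: "decompression_failure", 40: "handshake_failure", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked", 45: "certificate_expired",
    46: "certificate_unknown", 47: "illegal_parameter", 48: "unknown_ca", 49: "access_denied",
    50: "decode_error", 51: "decrypt_error", 70: "protocol_version", 71: "insufficient_security",
    80: "internal_error", 90: "user_canceled", 100: "no_renegotiation", 110: "unsupported_extension",
}
HANDSHAKE_TYPES = {0: "hello_request", 1: "client_hello", 2: "server_hello", 11: "certificate",
                   12: "server_key_exchange", 13: "certificate_request", 14: "server_hello_done",
                   15: "certificate_verify", 16: "client_key_exchange", 20: "finished"}
HEX_BYTE = re.compile(r"[0-9a-fA-F]{2}")


def bio_dump_bytes(log_text):
    """Concatenate the hex bytes from every 'BIO dump' line of a mod_ssl debug log.

    Dump lines look like '... | 0000: 15 03 01 00 02' (older mod_ssl) or
    '... | 0000: 16 03 01 00 3d 01 00 00-39 03 01 ....=...9.. |' (newer, with a
    printable column). At most 16 bytes per line are taken, and parsing stops at
    the first token that is not a hex pair, which is where the printable column starts.
    """
    out = bytearray()
    for line in log_text.splitlines():
        m = re.search(r"\|\s*[0-9a-fA-F]{4}:\s*(.*)", line)
        if not m:
            continue
        for tok in m.group(1).replace("-", " ").split()[:16]:
            if not HEX_BYTE.fullmatch(tok):
                break
            out.append(int(tok, 16))
    return bytes(out)


def parse_records(data):
    """Split raw bytes into TLS records and decode alert / handshake headers."""
    records, off = [], 0
    while off + 5 <= len(data):
        ctype, major, minor, length = struct.unpack("!BBBH", data[off:off + 5])
        payload = data[off + 5:off + 5 + length]
        rec = {
            "content_type": CONTENT_TYPES.get(ctype, "unknown(%d)" % ctype),
            "version": VERSIONS.get((major, minor), "%d.%d" % (major, minor)),
            "length": length,
            "truncated": len(payload) < length,  # the log only shows bytes read so far
        }
        if ctype == 21 and len(payload) >= 2:  # Alert: level, description
            rec["alert_level"] = ALERT_LEVELS.get(payload[0], "unknown(%d)" % payload[0])
            rec["alert_description"] = ALERT_DESCRIPTIONS.get(payload[1], "unknown(%d)" % payload[1])
        elif ctype == 22 and len(payload) >= 4:  # Handshake: type, 24-bit length
            hs_type, hs_len = payload[0], int.from_bytes(payload[1:4], "big")
            rec["handshake_type"] = HANDSHAKE_TYPES.get(hs_type, "unknown(%d)" % hs_type)
            rec["handshake_length"] = hs_len
            if hs_type == 1 and len(payload) >= 6:  # ClientHello: client_version comes next
                cv = (payload[4], payload[5])
                rec["client_version"] = VERSIONS.get(cv, "%d.%d" % cv)
        records.append(rec)
        off += 5 + length
    return records


def decode_openssl_error(code):
    """Unpack an OpenSSL 0.9.8/1.0-style error code (lib << 24 | func << 12 | reason).

    Assumed layout from the OpenSSL headers: ERR_LIB_SSL is 20 and reasons
    1000..1255 are SSL_AD_REASON_OFFSET + the TLS alert description, which ties
    the 'sslv3 alert handshake failure' text back to the alert bytes on the wire.
    """
    lib, func, reason = code >> 24, (code >> 12) & 0xFFF, code & 0xFFF
    info = {"lib": lib, "lib_is_ssl": lib == 20, "func": func, "reason": reason}
    if 1000 <= reason < 1256:
        info["alert"] = ALERT_DESCRIPTIONS.get(reason - 1000, "unknown(%d)" % (reason - 1000))
    return info


# Log lines quoted on this page: the two reads from the answer (an alert record
# split across a 5-byte header read and a 2-byte body read) and the ClientHello
# fragment from a comment below.
ANSWER_DUMP = """\
ssl_engine_io.c(1854): | 0000: 15 03 01 00 02
ssl_engine_io.c(1854): | 0000: 02 28
"""
COMMENT_DUMP = "ssl_engine_io.c(1870): | 0000: 16 03 01 00 3d 01 00 00-39 03 01 ....=...9.. |"

if __name__ == "__main__":
    for name, dump in (("answer", ANSWER_DUMP), ("comment", COMMENT_DUMP)):
        for rec in parse_records(bio_dump_bytes(dump)):
            print(name, rec)
    print(decode_openssl_error(336151568))  # the 'SSL Library Error' number in the question's log
```

Run it with `python3` and it prints one decoded record per dump plus the unpacked error code. Two things worth noticing in the output: the record version `03 01` is TLS 1.0, and the "SSLv3" in OpenSSL's state names ("SSLv3 read client certificate A") and in "sslv3 alert handshake failure" is just how OpenSSL labels its SSLv3-derived state machine and alert reasons, not the negotiated version; and a dump that starts `16 03 01` is a Handshake record with a truncated body, so it is a ClientHello arriving, not an alert, and needs a different diagnosis.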


Author: Clayton Sims

Updated on September 18, 2022

Comments

  • Clayton Sims, almost 2 years

    I'm running a proxy server through Apache with modssl, which we're using to proxy POSTs from mobile devices to another internal server. This works successfully for most clients, but requests from a specific phone model (Nokia 2690) are showing a bizarre handshake failure.

    It looks as though OpenSSL is either requesting (or attempting to read an unsolicited) client certificate from the phone (which is especially bizarre because j2me's kssl implementation doesn't support client certs). I've disabled client certificates with the SSLVerifyClient none directive in both the virtual host conf and the modssl conf. The trace from error.log on debug level is (details redacted):

    [client 41.220.207.10] Connection to child 0 established (server www.myserver.org:443)
    [info] Seeding PRNG with 656 bytes of entropy
    [debug] ssl_engine_kernel.c(1866): OpenSSL: Handshake: start
    [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: before/accept initialization
    [debug] ssl_engine_io.c(1882): OpenSSL: read 11/11 bytes from BIO#7fe3fbaf17a0 [mem: 7fe3fbaf90d0] (BIO dump follows)
    [debug] ssl_engine_io.c(1815): +-------------------------------------------------------------------------+
    [debug] ssl_engine_io.c(1860): +-------------------------------------------------------------------------+
    [debug] ssl_engine_io.c(1882): OpenSSL: read 49/49 bytes from BIO#7fe3fbaf17a0 [mem: 7fe3fbaf90db] (BIO dump follows)
    [debug] ssl_engine_io.c(1815): +-------------------------------------------------------------------------+
    [debug] ssl_engine_io.c(1860): +-------------------------------------------------------------------------+
    [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 read client hello A
    [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 write server hello A
    [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 write certificate A
    [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 write server done A
    [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 flush data
    [debug] ssl_engine_io.c(1882): OpenSSL: read 5/5 bytes from BIO#7fe3fbaf17a0 [mem: 7fe3fbaf90d0] (BIO dump follows)
    [debug] ssl_engine_io.c(1815): +-------------------------------------------------------------------------+
    [debug] ssl_engine_io.c(1860): +-------------------------------------------------------------------------+
    [debug] ssl_engine_io.c(1882): OpenSSL: read 2/2 bytes from BIO#7fe3fbaf17a0 [mem: 7fe3fbaf90d5] (BIO dump follows)
    [debug] ssl_engine_io.c(1815): +-------------------------------------------------------------------------+
    [debug] ssl_engine_io.c(1860): +-------------------------------------------------------------------------+
    [debug] ssl_engine_kernel.c(1879): OpenSSL: Read: SSLv3 read client certificate A
    [debug] ssl_engine_kernel.c(1898): OpenSSL: Exit: failed in SSLv3 read client certificate A
    [client 41.220.207.10] SSL library error 1 in handshake (server www.myserver.org:443)
    [info] SSL Library Error: 336151568 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
    [client 41.220.207.10] Connection closed to child 0 with abortive shutdown (server www.myserver.org:443)
    

    I've tried enabling all ciphers and all protocols temporarily with modssl, neither of which seemed to be the issue. The phone should be using RSA_RC4_128_MD5 and SSLv3, all of which are available.

    Am I missing something more fundamental about what's failing here? It seemed like the certificate request might have been part of a renegotiation failure. I tried enabling SSLInsecureRenegotiation On on the virtual host, in case it was an issue of the phone's SSL not supporting the new protocol, but to no avail.

    Currently running: Apache/2.2.16 (Ubuntu) mod_ssl/2.2.16 OpenSSL/0.9.8o Apache proxy_html/3.0.1

  • Clayton Sims, over 7 years
    As it turns out (for historical interest) you were correct, the handshake error was on the device side. Nokia 2690 phones had a busted HTTPS stack in Java that couldn't successfully negotiate connections; it was just hidden on the browser side because the device used Opera.
  • kiltek, almost 7 years
    Where did you get this information from? I have a similar problem with different numbers: [Fri Sep 08 14:44:13 2017] [debug] ssl_engine_io.c(1870): | 0000: 16 03 01 00 3d 01 00 00-39 03 01 ....=...9.. |
  • aPugLife, over 6 years
    "How to translate HEX to human-readable errors" can be found here: tools.ietf.org/html/rfc5246#section-7.2. I was able to translate mine. It just isn't worth much, since the row after the codes already tells you what one would want to know.