Reputation: 861
SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
i just installed new version of gitlab, after new installation ssl is not working... it throws SSL23_GET_SERVER_HELLO:sslv3 alert handshake error. ssh is working fine. only difference i see is in old browser says it is using TLS 1.0 and in new version it says 1.2. Since this is nothing to do with gitlab i posting the problem in stackoverflow...
$ git clone https://gitlabserver/group/project.git
Cloning into 'project'...
* Couldn't find host gitlabserver in the _netrc file; using defaults
* Adding handle: conn: 0x282d6f8
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x282d6f8) send_pipe: 1, recv_pipe: 0
* About to connect() to gitlabserver port 443 (#0)
* Trying gitlabserver...
* Connected to gitlabserver port 443 (#0)
* successfully set certificate verify locations:
* CAfile: c:/Users/lanid/curl-ca-bundle.crt
CApath: none
* error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
* Closing connection 0
fatal: unable to access 'https://gitlabserver/group/project.git/': error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Here is OpenSSL s_client output while testing with TLS 1.0 and SNI:
openssl s_client -connect <hostname>:<port> -tls1 -servername <hostname>
Loading 'screen' into random state - done
CONNECTED(00000208)
8008:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:.\ssl\s3_pkt.c:1126:SSL alert number 40
8008:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:.\ssl\s3_pkt.c:547:
Same command for another server with same setup but old version works file...
Upvotes: 8
Views: 24144
Answers (3)
Reputation: 305
If you facing this issue on Git Client.
Then install latest version of Git bash.
I faced the same issue and resolved installing the new Git Client.
Upvotes: 6
Reputation: 21
An upgrade of OpenSSL should resolve your issues.
OpenSSL has had some serious vulnerabilities exposed of late. As well, many web servers around the web have tightened up security to block those vulnerable protocols and ciphers.
Upvotes: 2
Related Questions
- OpenSSL SSL_connect: Connection was reset in connection to github.com:443 while try to git push
- Server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
- OpenSSL SSL_connect: Connection was reset in connection to github.com:443
- Getting fatal error at the time of - git pull - SSL routines:SSL3_GET_RECORD
- OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to gitlab.com:443
- git and "Server aborted the SSL handshake" errors
- Git Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to
- python-gitlab api SSL bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],
- how to solve error SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
- git trouble via https: routines:SSL23_GET_SERVER_HELLO