sslv3 alert handshake failure with LWP::UserAgent

Question

I'm trying to make an https request using LWP::UserAgent:

#!/usr/bin/perl

use strict;
use warnings;
use LWP::UserAgent;

my $login_url = 'https://www.icscards.nl/abnamrogb/login/login';
my $ssl_options = { SSL_version => 'tlsv1', verify_hostname => 0 };
my $browser = LWP::UserAgent->new(ssl_opts => $ssl_options);
$browser->cookie_jar( {} );

my $response = $browser->get($login_url);
print $response->decoded_content;

and get the following error message:

Can't connect to www.icscards.nl:443

LWP::Protocol::https::Socket: SSL connect attempt failed because of handshake problems error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure at /System/Library/Perl/Extras/5.18/LWP/Protocol/http.pm line 51.

Changing the URL to e.g. https://www.google.com/ works fine, but not the URL I want to fetch.

Worth noting: I get the same error when making a request to this URL with python.

Answer 1

... alert handshake failure at /System/Library/Perl/Extras/5.18/LWP/Protocol/http.pm line 51.

It looks like you are using MacOS and and older version of Perl. Based on this I assume that your underlying OpenSSL version is still 0.9.8, because this ancient version of OpenSSL is the one which got shipped with MacOS. You can verify my assumption by calling

perl -MNet::SSLeay -E 'say Net::SSLeay::SSLeay_version(0)

If this reports version 0.9.8 my assumption is right. If this report 1.0.0 I'm wrong but the following still applies. If it reports 1.0.1 or even better the following explanation does not apply.

OpenSSL 0.9.8 does not support ECDHE ciphers as can be also seen at report from SSLLabs. Only, this server requires ECDHE ciphers as can be seen from this report by SSLLabs. Thus, there is no common cipher between client and server which means that the TLS handshake fails.