> Handshake failed
>
> The SSL handshake could not be performed.
>
> Host: <remote host name> Reason: error:14094416:SSL
> routines:ssl3_read_bytes:sslv3 alert certificate unknown:state
> 23:Application response 500 handshakefailed
>
> <Our Service Desk ext. number>
> generated 2017-04-24 15:28:13 by webwasher4
> Java/1.8.0_112
Webwasher is your proxy right?
Yes. (
So it is clearly webwasher that is
generating this error message (it says so in the text above!). The
OpenSSL error contained in this text occurs when the remote peer sends a
fatal alert to the local endpoint. So it looks to me like your proxy has
initiated a TLS connection to the remote host but the remote host has
rejected the handshake and sent back a "certificate unknown" fatal alert.
A certificate unknown alert has the following description in the RFCs:
certificate_unknown
Some other (unspecified) issue arose in processing the
certificate, rendering it unacceptable.
So, my guess is that the remote host has requested a client certificate
(i.e. client auth) and your proxy has been unable to provide it.
Understood, thanks!
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
