Error: ssl3_read_bytes:sslv3 alert handshake failure

Hello, I am having trouble setting up https for a subdomain. The server is using HAProxy as a reverse proxy with a self signed certificate and sslv3 explicitly disabled. My CF SSL encryption mode is set to full. When I try to connect via curl, the following error occurs:

curl -v https://enigma-api.staging.ieeevit.org
* Rebuilt URL to: https://enigma-api.staging.ieeevit.org/
*   Trying 172.67.157.165...
* TCP_NODELAY set
* Connected to enigma-api.staging.ieeevit.org (172.67.157.165) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, Server hello (2):
* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

Chrome shows a ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.

Tried running openssl s_client -connect <SERVER-IP> and the output seemed okay to me. My CF SSL certificate is active.
Any idea what might be going wrong?

If you haven’t purchased the Advanced Certificate Manager here, then this is the problem:

3 Likes

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.