Track tasks and feature requests
Join 40 million developers who use GitHub issues to help identify, assign, and keep track of the features and bug fixes your projects need.
Sign up for free See pricing for teams and enterprisescrypto/tls: handshake failure #8138
Closed
Labels
Milestone
Comments
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
The error messages should be much improved in Go 1.3 (the beta of which you can obtain from here: https://code.google.com/p/go/wiki/Downloads). It's possible that the error message from 1.3 will tell us what's wrong. Alternatively, a tcpdump may be needed. |
This comment has been minimized.
This comment has been minimized.
|
Comment 4 by zhuoyikang@nibirutech.com: sorry, it's not a bug , for all i know , the server which i can't connect successfully just support ECDHE cipher suite, and does't support RSA , i report the problem to the server's manager , after he change the config , all code worked , so ,thanks you guys all the same , and the issue can be close. |
This comment has been minimized.
This comment has been minimized.
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
by zhuoyikang@nibirutech.com:
i believe it's a bug on crypto/tls. my client is Erlang-R15B02, and Server is crypto/tls , always handshark error, there is ssldump below: New TCP connection #1: ip-10-0-1-169.us-west-2.compute.internal(36804) <-> 115.29.228.221(60056) 1 1 1.2367 (1.2367) C>S Handshake ClientHello Version 3.1 cipher suites Unknown value 0xff TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA compression methods NULL 1 2 1.4580 (0.2213) S>C Alert level fatal value handshake_failure 1 1.4580 (0.0000) S>C TCP FIN 1 1.4590 (0.0010) C>S TCP FIN so ,these cipher suites are support by Erlang: TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA and these cipher suites is supported by golang/tls TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005 TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xc011 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b and, they both suport: ``` TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_RC4_128_SHA ``` but go/tls inject and fatal error 1 2 1.4580 (0.2213) S>C Alert level fatal value handshake_failure does it a bug ??? meanwhile, i test golang/tls in my computer where erlang client, it work as excepted. but it does work on the remote server where i am not convenienced to give the host/port, any body can help?