crypto/tls: handshake failure #8138
Labels
Milestone
Comments
The error messages should be much improved in Go 1.3 (the beta of which you can obtain from here: https://code.google.com/p/go/wiki/Downloads). It's possible that the error message from 1.3 will tell us what's wrong. Alternatively, a tcpdump may be needed. |
|
Comment 4 by zhuoyikang@nibirutech.com: sorry, it's not a bug , for all i know , the server which i can't connect successfully just support ECDHE cipher suite, and does't support RSA , i report the problem to the server's manager , after he change the config , all code worked , so ,thanks you guys all the same , and the issue can be close. |
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
by zhuoyikang@nibirutech.com:
i believe it's a bug on crypto/tls. my client is Erlang-R15B02, and Server is crypto/tls , always handshark error, there is ssldump below: New TCP connection #1: ip-10-0-1-169.us-west-2.compute.internal(36804) <-> 115.29.228.221(60056) 1 1 1.2367 (1.2367) C>S Handshake ClientHello Version 3.1 cipher suites Unknown value 0xff TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA compression methods NULL 1 2 1.4580 (0.2213) S>C Alert level fatal value handshake_failure 1 1.4580 (0.0000) S>C TCP FIN 1 1.4590 (0.0010) C>S TCP FIN so ,these cipher suites are support by Erlang: TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA and these cipher suites is supported by golang/tls TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005 TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xc011 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b and, they both suport: ``` TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_RC4_128_SHA ``` but go/tls inject and fatal error 1 2 1.4580 (0.2213) S>C Alert level fatal value handshake_failure does it a bug ??? meanwhile, i test golang/tls in my computer where erlang client, it work as excepted. but it does work on the remote server where i am not convenienced to give the host/port, any body can help?The text was updated successfully, but these errors were encountered: