SSL Issue Only For Some Clients

Leadup:

  • Set up a WordPress Linode.

  • Imported a WordPress site.

  • Everything worked.

  • Added an SSL certificate from GoDaddy. It looks like the SSL certificate is installed correctly:

https://www.sslshopper.com/ssl-checker.html#hostname=tabularasa-ny.com

  • Everything still works, with one caveat.

Issue:

On some machines, people receive the following:

Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.

Error code: ERR_SSL_PROTOCOL_ERROR

Pattern:

The only real pattern I can see is that people with Time Warner in their office cannot load the site.

Evidence and Thoughts:

1) The site works on my laptop and my phone, but when I connected to the wifi in the office with Time Warner, it stopped working. They had an Arris TG### router from Time Warner.

2) Other people complained that they can't load the site with the same error and I confirmed that they are also using Time Warner.

3) No idea if this would be related to the router or the ISP.

4) Have tested this with other friends in various locations without any problems.

This is just a theory and any other ideas and solutions/suggestions would be very helpful.

2 Replies

Ah, got it from your link. I much prefer ssllabs test suite, since it'll clarify what I suspect is at the root of this issue: which clients can/cannot negotiate with your server given its TLS/SSL config:

https://www.ssllabs.com/ssltest/analyze.html?d=tabularasa-ny.com

Based on that, it seems possible that the browsers or networks those people are using are dropping SSLv3 traffic. Given the issues with your SSL config, I'd suggest cleaning up your ciphers and settings based on the advice given by ssllabs and then seeing what happens.

  • Les

Thanks. The link was very helpful. I resolved the POODLE security issue, but that didn't resolve the problem.

As I discovered at the following link, it was an issue with IPv6:

http://serverfault.com/questions/676171/ssl-issue-only-for-some-clients-linode-server/676200#676200
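
The resolution above points at IPv6: a hostname can complete TLS over IPv4 and fail over IPv6, so only clients whose network prefers IPv6 see the error. The following is an added example, not part of the thread. It performs the TLS handshake separately against the host's A and AAAA addresses and classifies the result. The function names and result labels are made up for illustration, and `example.com` is a placeholder.

```python
import socket
import ssl
import sys


def probe_family(host, family, port=443, timeout=5.0):
    """Handshake with every address of one family; return [(address, result)]."""
    try:
        infos = socket.getaddrinfo(host, port, family, socket.SOCK_STREAM)
    except socket.gaierror:
        return []  # no record of this family (e.g. no AAAA)
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    results = []
    for addr in sorted({info[4][0] for info in infos}):
        try:
            # Connect to the literal address so the OS cannot pick the family,
            # but still send the real hostname for SNI and certificate checks.
            with socket.create_connection((addr, port), timeout=timeout) as raw:
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    results.append((addr, "ok " + str(tls.version())))
        except OSError as exc:  # covers ssl.SSLError, timeouts, refusals
            results.append((addr, "fail " + type(exc).__name__))
    return results


def _any_ok(results):
    return any(status.startswith("ok") for _, status in results)


def diagnose(v4, v6):
    """Classify per-family probe results (labels are illustrative)."""
    if not v6:
        return "no-ipv6" if _any_ok(v4) else "ipv4-broken"
    if _any_ok(v4) and not _any_ok(v6):
        return "ipv6-broken"  # matches "works for some clients only"
    if _any_ok(v6) and not _any_ok(v4):
        return "ipv4-broken"
    return "both-ok" if _any_ok(v4) else "both-broken"


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "example.com"  # placeholder
    v4 = probe_family(host, socket.AF_INET)
    v6 = probe_family(host, socket.AF_INET6)
    for addr, status in v4 + v6:
        print(f"{addr:40} {status}")
    print("diagnosis:", diagnose(v4, v6))
```

Run it from a machine that has working IPv6 connectivity; on an IPv4-only network every AAAA probe fails regardless of the server's configuration.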
