1. Tildeslash Avatar Tildeslash
  2. Untitled project
  3. Monit
  4. Issues

Sporadic error entries in log "ssl handshake failure" - only Firefox

Issue #505 resolved
Tim Reeves created an issue

Hi,

I am aware of this thread, but maybe this is a bit different. And weird...

It happens with a self-compiled 5.21.0 on Debian Jessie, managed by Plesk Onyx and all packages up-to-date. openssl version => OpenSSL 1.0.1t 3 May 2016

I tried with different browsers - Chrome, Opera, Edge, IE11, FF - and only Firefox 50 causes (example):

[CET Nov 21 16:17:03] error    : HttpRequest: access denied -- client [my-ip]: missing or invalid Authorization header

[CET Nov 21 16:21:07] error    : SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure

[CET Nov 21 16:21:07] error    : SSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure

[CET Nov 21 16:23:08] error    : SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure

[CET Nov 21 16:23:08] error    : SSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure

[CET Nov 21 16:25:09] error    : SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure

[CET Nov 21 16:25:09] error    : SSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure

[CET Nov 21 16:29:10] error    : SSL: read error -- error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure

[CET Nov 21 16:29:10] error    : SSL: write error -- error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure

The error logging is intermittent - initial request at 16:17 (access denied while I enter my credentials), first auto-refresh at 16:19 - no error. But then errors at :21, :23, :25, <:27 no error>, :29 again error... HEH?

Obviously this is not a show-stopper (use another browser), and one may be tempted to just blame Firefox...

But I tried using the monit binary from the Debian package - good 'ol 5.9. And with that version, no error messages caused by Firefox viewing the HTTP access. So it must be possible for monit to avoid provoking the problem, as the binary was the only thing I changed.

Grateful for any tips - and many thanks for all the good work on monit!

Tim Reeves

Comments (5)

  3. Tildeslash repo owner

    Hi,

    i cannot reproduce the issue (using FF 50.0.1 on MacOS).

    The Monit 5.21.0 is an unreleased development version, there was one problem in network (fixed), please can you try again?

  4. Tim Reeves reporter

    Thanks for checking! I already had the youngest version - my pull found no changes. I cloned on 19.11., the openssl fix was on 15.11. And the error messages have still been happening.

    Now I just updated Firefox from 50.0 to 50.0.1. I'm using Windows 10. I've been watching it now for about 30 minutes, no error messages as yet. MAybe it was a bug in FF 50.0.

  6. Log in to comment
Assignee
Type
bug
Priority
minor
Status
resolved
Component
Monit
Version
Votes
0
Watchers
1