PDA

View Full Version : sslv3 alert handshake failure (CAC authentication, BigIP proxy)



jflowers45
13 Nov 2017, 1:12 PM
I've successfully used Sencha Test to run automated browser testing against a locally hosted copy of an application. I'm now evaluating its use against a copy of the same application that is hosted in the client's real dev environment, which requires CAC authentication and has an F5 BigIP (proxy / load balancer / security device).

I'm getting the following error and I'm not sure the best way to proceed debugging it. I've read that it may have to do with a requirement for an SNI, or something about the negotiation of the particular SSL (TLS, SSL3) protocol, but wondering whether anyone can shed any light on this?

Thanks.

-Joe

Error: write EPROTO 101057795:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:c:\jenkins\workspace\electron-win-x64\vendor\node\deps\openssl\openssl\ssl\s3_pkt.c:1472:SSL alert number 40 101057795:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:c:\jenkins\workspace\electron-win-x64\vendor\node\deps\openssl\openssl\ssl\s3_pkt.c:656: at exports._errnoException (util.js:1026:11) at WriteWrap.afterWrite (net.js:795:14)

daniel.gallo
14 Nov 2017, 8:26 PM
I'm not familiar with this particular type of setup. When you say "CAC authentication", are you referring to usage of a physical card / smart card for authentication? If so, we haven't verified usage of Sencha Test in that type of environment.

In terms of debugging this, have you tried running the tests via the "Debug" button, and making sure the "Break in debugger on test failure" option is checked under the "Options" menu?