Search code examples
sslgoogle-cloud-platformgoogle-cloud-load-balancer

Loadbalancing GCP ALERT_HANDSHAKE_FAILURE

Hi im trying to config a HTTPS loadbalancer in GCP but when i made it show me that:

Error: write EPROTO 140392502987240:error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE:../../third_party/boringssl/src/ssl/tls_record.cc:594:SSL alert number 40 140392502987240:error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO:../../third_party/boringssl/src/ssl/handshake.cc:604:

I use GCP default as default politic ssl And the certificate is valid:

enter image description here

My frontends

enter image description here

But is still not working, i dont know what other thing do.

Solution

  • SSL proxy load balancers and global external HTTP(S) load balancers do not support SSL versions 3.0(SSLV3) or earlier. So, try to use a newer and more secure version to call the HTTPS Load balancer. Check whether the certificate is valid and linked properly with the page.

    EDIT:

    SSL fatal error, handshake failure 40 indicates the secure connection failed to establish because the client and the server couldn't agree on connection settings. Usually because the client or the server is way too old, only supporting removed protocols/ciphers. Try adding the domain name of the server to connect and a TLS connection will be established.

    Example:

    $ openssl s_client -connect 104.26.3.5:443 -servername external.example.com