When attempting to create a user throught the Management API v2, I receive a 400 response and the following error is logged:
"description": "write EPROTO 140144844359488:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:../deps/openssl/openssl/ssl/s23_clnt.c:802:\n",
This started failing a few weeks ago, and there’s been no change on my end. Has there been some change made to Auth0?
Would you be able to capture a HAR file of the authentication flow where you are experiencing this issue for us to investigate (https://auth0.com/docs/har)? Please send via PM as it can contain sensitive info
Unfortunately this is a machine-to-machine interaction so I can’t capture a HAR. I can give the log ID if someone at Auth0 can use that?
I took a look at this and it seems like we are getting SSL errors when connecting to your custom database.
Whenever a user signs up, we call the
get_user script to ensure the user does not already exist. That means we contact your custom database.
At that time, we are getting the SSL error. Can you please double check your certificates and see if there are any logs on your server that could help pinpoint this?
This isn’t a custom DB, this is an Auth0 Database hosted by yourselves. I’ll DM you details of the DB.
The database that you DM’d me is set as a Custom Database. Maybe you inadvertently turned the toggle on? You can find it in your Dashboard > Connections > Database > DB name > Custom Database > Use my own database (it should be off).
Let me know if this helps.
Thanks for the tip, looks like the DB is set to custom when using the migration option in the Auth0 Wordpress plugin. The server it is connecting to has a valid SSL cert and supports TLSv1.2. It supports the following cipher suites:
Can you confirm that these are supported by Auth0?
Hey there Andrew!
Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there but sometimes our bandwidth is not enough for all the incoming questions.
Have you been able to found the information about the cipher suites we support working with our developer support team or do you want me to confirm that?