Auth0 Home Blog Docs

Failed Signup - SSLv3 error?


#1

Hey,

When attempting to create a user throught the Management API v2, I receive a 400 response and the following error is logged:

"description": "write EPROTO 140144844359488:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:../deps/openssl/openssl/ssl/s23_clnt.c:802:\n", 

This started failing a few weeks ago, and there’s been no change on my end. Has there been some change made to Auth0?


#2

Would you be able to capture a HAR file of the authentication flow where you are experiencing this issue for us to investigate (https://auth0.com/docs/har)? Please send via PM as it can contain sensitive info


#3

Hey Jeremy,

Unfortunately this is a machine-to-machine interaction so I can’t capture a HAR. I can give the log ID if someone at Auth0 can use that?

Andrew


#4

Sure send it over via DM


#5

Hey @andrew.mcharg,

I took a look at this and it seems like we are getting SSL errors when connecting to your custom database.

Whenever a user signs up, we call the get_user script to ensure the user does not already exist. That means we contact your custom database.

At that time, we are getting the SSL error. Can you please double check your certificates and see if there are any logs on your server that could help pinpoint this?


#6

Hi Jose,

This isn’t a custom DB, this is an Auth0 Database hosted by yourselves. I’ll DM you details of the DB.

Thanks,
Andrew


#7

Hello, Andrew,

The database that you DM’d me is set as a Custom Database. Maybe you inadvertently turned the toggle on? You can find it in your Dashboard > Connections > Database > DB name > Custom Database > Use my own database (it should be off).

Let me know if this helps.

Thanks!


#8

Hey Jose,

Thanks for the tip, looks like the DB is set to custom when using the migration option in the Auth0 Wordpress plugin. The server it is connecting to has a valid SSL cert and supports TLSv1.2. It supports the following cipher suites:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

Can you confirm that these are supported by Auth0?