Investigating when an SSL Session Reject occurs due to Invalid Crypto Response
Article ID: 168168
Updated On:
Products
SSL Visibility Appliance Software
Issue/Introduction
SSL Session Logs show that access to the affected site is being Rejected due to Invalid Crypto Response.
Cause
Sessions may be rejected for various reasons, such as:
This message in particular happens when the SSL Visibility Appliance encounters an error during its modular arithmetic (processing and calculating keys).
- Client certificates being used.
- Client trying to renegotiate an SSL session after the SSLV has intercepted it.
- An error was encountered during the SSL handshake.
This message in particular happens when the SSL Visibility Appliance encounters an error during its modular arithmetic (processing and calculating keys).
Resolution
To investigate further, we need :
- To determine if only specific sites see the issue
- To know how often it happens
- A packet capture with corresponding SSL Session logs.
- The Diagnostics logs.
Feedback
Powered by
