search cancel

Investigating when an SSL Session Reject occurs due to Invalid Crypto Response


Article ID: 168168


Updated On:


SSL Visibility Appliance Software


SSL Session Logs show that access to the affected site is being Rejected due to Invalid Crypto Response.


Sessions may be rejected for various reasons, such as:
  • Client certificates being used.
  • Client trying to renegotiate an SSL session after the SSLV has intercepted it.
  • An error was encountered during the SSL handshake.

This message in particular happens when the SSL Visibility Appliance encounters an error during its modular arithmetic (processing and calculating keys).


To investigate further, we need :
  • To determine if only specific sites see the issue
  • To know how often it happens
  • A packet capture with corresponding SSL Session logs.
  • The Diagnostics logs.