Protection Engine Secure ICAP TLS Handshake Error: ssl3_get_record:wrong version number

book

Article ID: 214296

calendar_today

Updated On:

Products

Protection Engine for NAS Protection Engine for Cloud Services

Issue/Introduction

You have Symantec Protection Engine (SPE) configured for Secure ICAP and see the following error in the logs:

Failed to complete TLS/SSL handshake initiated by TLS/SSL client. Error code: error:1408F10B:SSL routines:ssl3_get_record:wrong version number

Cause

Protection Engine received a request that was not using TLS when configured to use Secure ICAP. This can happen if you enable Secure ICAP but do not configure your connector/client to connect via TLS/SSL before sending an ICAP request.

Environment

SPE 8.2
Secure ICAP

Resolution

Ensure all clients/connectors are configured to connect via TLS/SSL before sending an ICAP request.