Troubleshooting a CFSSL:SSL error message
What does an SSL error message mean?
You want help troubleshooting a CFSSL:SSL error message
These messages were detected by some secure service on the ProxySG - https-console, https-reverse-proxy or SSL proxy, etc.
2007-06-05 21:43:57+02:00CEST "CFSSL:SSL_accept error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected message" 0 310000:1 ../cf_ssl.cpp:1505
2007-06-05 21:44:03+02:00CEST "CFSSL:SSL_accept error:14089087:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:cert length mismatch" 0 310000:1 ../cf_ssl.cpp:1505
2007-06-06 09:09:55+02:00CEST "CFSSL:SSL_accept error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000)" 0 310000:1 ../cf_ssl.cpp:1505v
2007-06-06 15:39:30+02:00CEST "CFSSL:SSL_accept error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol" 0 310000:1 ../cf_ssl.cpp:1505
In this instance all of the above messages indicate that the client is sending ProxySG truncated or invalid SSL messages.
Event Log messages below related to when the ProxySG is acting as SSL client.
2007-06-06 09:10:03+02:00CEST "Stats Worker: received status Socket connect error during HTTPS put operation" 0 2D0006:1 ../Worker.cpp:745
2007-06-06 09:10:03+02:00CEST "Stats Worker: couldn't send report ProxySG Appliance Summary Statistics through HTTPS to Blue Coat" 0 2D0006:1 ../Worker.cpp:679
2007-06-06 09:29:46+02:00CEST "Abnormal receive request termination of connection from local port 41218 to advanced forwarded server 192.168.201.21. 11 retransmissions occurred with at least one packet having 11 retransmissions" 0 80204:1 ../htp_server.cpp:5031
Generally if Event Log messages begins with CFSSL:SSL_accept error, that means the ProxySG encountered errors on the client side connection when acting as an SSL server. If they begin with CFSSL:SSL_connect error, that means the ProxySG encountered errors on the server side or upstream connection when acting as an SSL client.