EBS: Troubleshooting Client-Side TLS Error Messages That Can Occur When Using Non-supported TLS Versions or Ciphers in Everbridge Suite

lock-solid.svg

Topic:

Troubleshooting TLS Error Messages that can occur when using non-supported TLS versions or ciphers.

Description:

TLS, or Transport Layer Security, is a protocol that provides privacy and data integrity between two communicating applications. It is the most widely deployed security protocol used for web browsers and other applications that require data exchange.

For information on Everbridge supported TLS versions, see Knowledge Base Article 000061321 - What Is Transport Layer Security (TLS) and What Versions of TLS Does Everbridge Support?

Below are a list client-side error messages that can occur if you continue to use browsers that do not support strong TLS 1.2 or TLS 1.3 ciphers after the February 1, 2023 update.

Chrome/Edge

  • Screenshot of error message when the client only supports an obsolete version of TLS

Your connection is not fully secure
This site uses an outdated security configuration, which may expose your information (for example, passwords, messages, or credit cards) when it is setn to this site. Learn more
NET::ERR_SSL_OBSOLETE_VERSION

User-added image
  • Error message for cipher mismatching (such as client only supports TLS 1.3 but the Server does not support TLS 1.3)

<unable to reproduce>

Firefox

  • Error message when the client only supports an obsolete version of TLS

Secure Connection Failed
An error occurred during a connection to <web-address>. Peer reports incompatible or unsupported protocol version.
Error code: SSL_ERROR_PROTOCOL_VERSION_ALERT

  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem.
  • Screenshot of error message for cipher mismatching (such as client only supports TLS 1.3 but the Server does not support TLS 1.3)

Secure Connection Failed
An error occurred during a connection to <web-address>. Cannot communicate securely with peer:
no common encryption algorithm(s).
Error code: SSL_ERROR_NO_CYPHER_OVERLAP

  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem.

Learn more...
It looks like your network security settings might be causing this. Do you want the default settings to be restored?
Restore default settings

User-added image

Safari

  • Error message when the client only supports an obsolete version of TLS

<unable to reproduce>

  • Error message for cipher mismatching (such as client only supports TLS 1.3 but the Server does not support TLS 1.3)

 <unable to reproduce>

Postman

  • Error message when the client only supports an obsolete version of TLS

Error displays that includes the message:

OPENSSL internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO

  • Error message for cipher mismatching (such as client only supports TLS 1.3 but the Server does not support TLS 1.3)

Error displays that includes the message:
 
OPENSSL internal:NO_CIPHER_MATCH

API

  • Error message when the client only supports an obsolete version of TLS

The auto scripts will show the below error:

> raise SSLError(e, request=request)
E requests.exceptions.SSLError: HTTPSConnectionPool(host='<domain-name>.net', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:1123)')))
 
  • Error message for cipher mismatching (such as client only supports TLS 1.3 but the Server does not support TLS 1.3)

    The auto scripts will show the below error:
> raise SSLError(e, request=request)
E requests.exceptions.SSLError: HTTPSConnectionPool(host='
<domain-name>.net', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1123)')))
Was this article helpful?
0 out of 0 found this helpful

Article Feedback

Please sign in to leave a comment.