2533391 - SSL Error SSL23_GET_SERVER_HELLO:unknown protocol | SAP Knowledge Base Article

SAP Knowledge Base Article - Preview

2533391 - SSL Error SSL23_GET_SERVER_HELLO:unknown protocol

Symptom

  • Clients connecting to ASE using SSL fail to connect
  • The failed connection results in the following message in the ASE log:

kernel SSL or Crypto Error Info: psn 37, vsn 7, sockp 0x1839a7f00 error id 302, severity -2, provider id 0.
kernel SSL or Crypto Error Message: 'The SSL handshake failed. Root error: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol'.

  • A jConnect application error receives a "Handshake message sequence violation" message:

java.sql.SQLException: JZ006: Caught IOException: java.io.IOException: JZ0T3 use getCause() to see the error chain
       at com.sybase.jdbc4.jdbc.ErrorMessage.raiseError(ErrorMessage.java:840)
       at com.sybase.jdbc4.jdbc.ErrorMessage.raiseErrorCheckDead(ErrorMessage.java:1173)
       at com.sybase.jdbc4.tds.Tds.handleIOE(Tds.java:5256)
       at com.sybase.jdbc4.tds.Tds.handleIOE(Tds.java:5201)
       at com.sybase.jdbc4.tds.Tds.login(Tds.java:567)
       at com.sybase.jdbc4.jdbc.SybConnection.tryLogin(SybConnection.java:519)
       at com.sybase.jdbc4.jdbc.SybConnection.handleHAFailover(SybConnection.java:3729)
       at com.sybase.jdbc4.jdbc.SybConnection.<init>(SybConnection.java:371)
       at com.sybase.jdbc4.jdbc.SybConnection.<init>(SybConnection.java:271)
       at com.sybase.jdbc4.jdbc.SybDriver.connect(SybDriver.java:224)
       at java.sql.DriverManager.getConnection(Unknown Source)
       at java.sql.DriverManager.getConnection(Unknown Source)
       at SSLCertificate.getConnection(SSLCertificate.java:143)
       at SSLCertificate.main(SSLCertificate.java:132)
Caused by: java.io.IOException: JZ0T3
       at com.sybase.jdbc4.jdbc.SybSSLSocketFactory.createSocket(SybSSLSocketFactory.java:419)
       at com.sybase.jdbc4.timedio.SocketDbio.doConnect(SocketDbio.java:98)
       at com.sybase.jdbc4.timedio.InStreamMgr.<init>(InStreamMgr.java:109)
       at com.sybase.jdbc4.tds.Tds.login(Tds.java:533)
       ... 9 more
Caused by: javax.net.ssl.SSLProtocolException: Handshake message sequence violation, 1
       at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
       at sun.security.ssl.Handshaker.processLoop(Unknown Source)
       at sun.security.ssl.Handshaker.process_record(Unknown Source)
       at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
       at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
       at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
       at com.sybase.jdbc4.jdbc.SybSSLSocketFactory.createSocket(SybSSLSocketFactory.java:414)


Read more...

Environment

  • SAP Adaptive Server Enterprise (ASE) 15.7 and 16.0
  • SAP Adaptive Server Enterprise Cluster Edition (ASE CE) 15.7
  • SSL
  • Site Handler in use ("cis rpc handling" is set to 0) 

Product

SAP Adaptive Server Enterprise 15.7 ; SAP Adaptive Server Enterprise 15.7 Cluster Edition ; SAP Adaptive Server Enterprise 16.0

Keywords

CR809748, CR#809748, 809748,  OpenSSL, s_client, client_hello, server_hello , KBA , BC-SYB-ASE , Sybase ASE Database Platform (non Business Suite) , BC-SYB-ASE-CE , ASE Cluster Edition (Standalone) , Bug Filed

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.