2

We are running the Sonos Self-Test Suite to validate our service implementation. All tests are green except the "ssl_validation test_support_secure_renegotiation". The related output from the test is 

[FAIL] SONOS.sonos.workflow.fixture.ssl_validation - There was an exception while scanning the domain (<our domain>) for secure session renegotiation: sslyze.utils.ctSSL.errors.SSLErrorSSL - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init

Our domains supports secure renegotiation accorning to https://www.ssllabs.com/ssltest/analyze.html, also the output of sslyze --reneg <our domain> seems to be OK:

SCAN RESULTS FOR <our-domain>:443 - <our-ip>.
-------------------------------------------------

 * Session Renegotiation:
       Client-initiated Renegotiation:    OK - Rejected
       Secure Renegotiation:              OK - Supported

Any suggestion how to get rid of the error? Thanks.

Vit
  • 21
  • 2

2 Answers2

1

Our ssl tests on self test currently have a few problems. We have filed bugs. In the meantime, you can ignore this specific ssl error.

Matt Welch
  • 827
  • 2
  • 6
  • 12
  • Is this still an issue? I am getting the same error, although secure renegotiation seems to be supported. – Mischa Sep 25 '17 at 14:08
0

Seems to be still an issue. I am getting this error, too:

FAIL There was an exception while scanning the domain (smapi.xxx.xx) for secure session renegotiation: sslyze.utils.ctSSL.errors.SSLErrorSSL - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init

But via sslyze it seems to be fine:

sslyze --reneg smapi.xxx.xx

  • Session Renegotiation:

    Client-initiated Renegotiation: OK - Rejected

    Secure Renegotiation: OK - Supported

And https://www.ssllabs.com/ssltest says:

Secure Renegotiation Supported

Secure Client-Initiated Renegotiation No

Insecure Client-Initiated Renegotiation No

nowrap
  • 1
  • 2