"SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message - SSL alert number 10" running tckeygen

  • 3006498
  • 04-Apr-2008
  • 26-Apr-2012

Environment

NetWareNovell NetWare 6.5 Support Pack 6
Novell eDirectory 8.7.3.9 for NetWare 6.5
Novell Modular Authentication Service (NMAS) version 3.2.0
Novell Certificate Server (PKIS) 3.3
NTLS 2.0.2
Novell iManager 2.6

Situation

A new Certificate Authority (CA) was created. The .keystore is invalid and needs to be recreated.

Running tckeygen to create the .keystore for tomcat fails with the error "SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message - SSL alert number 10"

The ldap trace shows the following:
LDAP: [2007/10/08 12:53:20] DoTLSHandshake on connection 0x8fbde0e0
LDAP: [2007/10/08 12:53:20] TLS accept failure 1 on connection 0x8fbde0e0, setting err = -5875. Error stack: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message - SSL alert number 10
LDAP: [2007/10/08 12:53:20] TLS handshake failed on connection 0x8fbde0e0, err = -5875
LDAP: [2007/10/08 12:53:20] BIO ctrl called with unknown cmd 7
LDAP: [2007/10/08 12:53:20] Server closing connection 0x8fbde0e0, socket error = -5875
LDAP: [2007/10/08 12:53:20] Connection 0x8fbde0e0 closed


Note: Secure LDAP works and TLS is not required for simple passwords.

Resolution

The issue appears to be with tckeygen and tomcat.

The current work around is to use another server as the iManager server or re-install iManager and tomcat.

Status

Reported to Engineering

Feedback service temporarily unavailable. For content questions or problems, please contact Support.