SSL Problem - sslv3 alert handshake failure

vincentg

Well-Known Member
May 12, 2004
172
4
168
new york
I am getting this problem with WHMCS when I tried to suspend a website.
Checked the Server setup in WHMCS and other servers test ok but the one whmcs is installed on fails.

SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (error code: 35)

SSL is working normal for all websites.
No problems with WHM or Cpanel with secure login

ssllabs.com tests pass except since we are using Centos 5.11 it is limited to tlsv1

This just happened recently after a cpanel update.

I did an Apache build which I also suspected maybe the problem
PHP was 5.4.35 and now is 5.3.29
That I think rules out PHP

Any ideas where to look to solve this problem?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,903
2,237
463
I am getting this problem with WHMCS when I tried to suspend a website.
Hello :)

Is this only happening when using WHMCS? If so, please keep in mind that you will receive more feedback from their support forums:

WHMCS Forums

Thank you.
 

vincentg

Well-Known Member
May 12, 2004
172
4
168
new york
Well this is a real headache

WHMCS support thinks it's a server problem

I created a php SSL test script and it seems to work ok

This problem started when I noticed a message on WHM saying updates were halted due to Front Page being supported.
Apache did not have Front Page installed but there were a few sites that had the front page files.
I removed them and the upgrade worked.

After this upgrade WHMCS API calls didn't work on this server anymore.
We just get the Error SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (error code: 35)

WHMCS support will have access to login later today but this may bounce back here.

Why would the update break WHMCS Cpanel API calls?

I tried everything I can think of to no avail.

Something on Centos 5 plus WHMCS plus Cpanel does not get along very well - lol

This server is due to be replaced in January - bad timing I guess.
 

vincentg

Well-Known Member
May 12, 2004
172
4
168
new york
It turned out to be a cipher list that I used to pass PCI testing.

I was using this: RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!ADH:!AESGCM:!AES:!DES-CBC3-SHA:!CAMELLIA256-SHA:!CAMELLIA128-SHA:!AES256-SHA

This is a Centos 5 OS and we are limited to TLS1 protocol

But it causes a problem only with WHMCS

What is the best recommend settings for this?