问题
We are running the Sonos Self-Test Suite to validate our service implementation. All tests are green except the "ssl_validation test_support_secure_renegotiation". The related output from the test is
[FAIL] SONOS.sonos.workflow.fixture.ssl_validation - There was an exception while scanning the domain (<our domain>) for secure session renegotiation: sslyze.utils.ctSSL.errors.SSLErrorSSL - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
Our domains supports secure renegotiation accorning to https://www.ssllabs.com/ssltest/analyze.html, also the output of sslyze --reneg <our domain> seems to be OK:
SCAN RESULTS FOR <our-domain>:443 - <our-ip>.
-------------------------------------------------
* Session Renegotiation:
Client-initiated Renegotiation: OK - Rejected
Secure Renegotiation: OK - Supported
Any suggestion how to get rid of the error? Thanks.
回答1:
Our ssl tests on self test currently have a few problems. We have filed bugs. In the meantime, you can ignore this specific ssl error.
回答2:
Seems to be still an issue. I am getting this error, too:
FAIL There was an exception while scanning the domain (smapi.xxx.xx) for secure session renegotiation: sslyze.utils.ctSSL.errors.SSLErrorSSL - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
But via sslyze it seems to be fine:
sslyze --reneg smapi.xxx.xx
Session Renegotiation:
Client-initiated Renegotiation: OK - Rejected
Secure Renegotiation: OK - Supported
And https://www.ssllabs.com/ssltest says:
Secure Renegotiation Supported
Secure Client-Initiated Renegotiation No
Insecure Client-Initiated Renegotiation No
来源:https://stackoverflow.com/questions/45733033/sonos-self-test-exception-during-secure-renegotiation-test