What is meaning of this SSL routines:tls_early_post_process_client_hello:inappropriate fallback
Information
Summary: |
Why user getting SSL routines:tls_early_post_process_client_hello: inappropriate fallback |
Environment: |
Product: Loadmaster Version: Any Platform: Any Application: Any |
Question/Problem Description: |
|
Steps to Reproduce: | |
Error Message: | |
Defect Number: | |
Enhancement Number: | |
Cause: | |
Resolution: |
If a TLS client fails to connect for whatever reason (even plain TCP failure due to a bad network, or other reasons), it will downgrade the TLS protocol version to a lower level and try again, this time including the TLS_FALLBACK_SCSV cipher suite in the ClientHello request. When the server sees the TLS_FALLBACK_SCSV cipher suite, and it supports a higher TLS protocol version, then it knows the client is basically troubleshooting the connection and responds with inappropriate fallback. Presumably, the client will try again, this time with a higher protocol version. |
Workaround: | |
Notes: |