SSL handshake fails

Hi there,
I am investigating a problem where our A connection from the browser to a our server is failing.  In the server side, we are using POCO library.  The failure happens in SSL_do_handshake().  It returns -1.
After doing some googling, I found that I can use openssl s_client to investigate the problem.  

When I ran the following command, I get these logs.

user@debian7:~/poco-1.6.1-all$ openssl s_client -connect localhost:443 -state -CAfile ~/RUNTIME/ssl/server.crt -nbio 2>&1 | grep ^SSL
SSL_connect:before/connect initialization
SSL_connect:unknown state
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read server session ticket A
SSL_connect:error in SSLv3 read server session ticket A
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
SSL handshake has read 1542 bytes and written 446 bytes
SSL-Session:

But, not consistent: Sometime, I don't get the errors and get the following.
 
SSL_connect:before/connect initialization
SSL_connect:unknown state
SSL_connect:error in unknown state
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read server session ticket A
SSL_connect:error in SSLv3 read server session ticket A
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
SSL handshake has read 1542 bytes and written 446 bytes
SSL-Session:


Out server is initialized with the following SSL context.

Context::Ptr pContext = new Context(Context::SERVER_USE, "/RUNTIME/ssl/server.key", "/RUNTIME/ssl/server.crt", "", Context::VERIFY_NONE, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");

What could be wrong.  I am not really familiar with SSL.  So, any help would be much appreciated.
Thank you.
ambuliAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
Most browsers have disabled SSLv3 because of security problems.  TLSv1.2 is the most current version for secure connections.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sarabandeCommented:
Sometime, I don't get the errors and get the following.
i can't see any difference between both loggings. both show the same errors.

Sara
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.