I am having issues with a server, i'm getting many of these errors
especially while running a load (~80 users).
here is the full error message:
error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record
mac
It seems to be occurring during the negotiation (accept) phase.
Maybe something is wrong with the cipher options?
Here is my context generation code:
// generate the context with SSL version 2,3, and TLS support
SSL_CTX* ctx = SSL_CTX_new(SSLv23_method());
> // Set the context mode
SSL_CTX_set_mode(ctx,
> SSL_MODE_AUTO_RETRY|SSL_MODE_ENABLE_PARTIAL_WRITE);
// Set the workaround options
SSL_CTX_set_options(ctx, SSL_OP_ALL);
// not verifying client certificate
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
> // Set the client certificate max verification depth
SSL_CTX_set_verify_depth(ctx, 10);
// Load certificate from file
int res = SSL_CTX_use_certificate_file(ctx, certificateFile.c_str(),
> SSL_FILETYPE_PEM);
if (!res)
{
unsigned long error;
char errBuff[1024];
do
{
error = ERR_get_error();
ERR_error_string_n(error, errBuff, 1024);
} while (error);
>
> throw "Error loading SSL certificate";
}
// Load private key from file
if (!(SSL_CTX_use_PrivateKey_file(ctx, privateKeyFile.c_str(),
> SSL_FILETYPE_PEM)))
{
throw "Error loading SSL certificate";
}
// Set the session id context
SSL_CTX_set_session_id_context(ctx, (const unsigned char
> *)sessionIdContext.c_str(), (unsigned int)sessionIdContext.length());
> mContext = ctx;
