Receiving "SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure" with openshift nodejs app

user2796352 picture user2796352 · Oct 22, 2014 · Viewed 8.5k times · Source

I have a nodejs app on openshift, and we use the rhc port-forward command to connect to our database when we develop locally.

We have implemented passport to authenticate users through google and through facebook. I have authenticated my self, and we could still use the rhc commands. My partner has recently authenticated himself through facebook, and shortly after that (~1 week), we got this error thrown our way. Dont know if that is entirely relevant, but it couldn't hurt to include.

Connection to openshift.redhat.com failed: A secure connection could not be established to the   server
(SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure). You may
disable secure connections to your server with the -k (or --insecure) option
'https://openshift.redhat.com/broker/rest/api'.

If your server is using a self-signed certificate, you may disable certificate checks with the -k (or
--insecure) option. Using this option means that your data is potentially visible to third parties.

Any ideas on how to resolve this? I have seen this error on other stack questions, but every question I saw, the people posing the question were using ruby.

Answer

milesaron picture milesaron · Oct 22, 2014

This is likely a result of the POODLE SSLv3 debacle. You can fix it by updating the httpclient ruby gem. At the command line type:

sudo gem update httpclient

Or you can also fix it by adding the following to your .openshift/express.conf file:

ssl_version=tlsv1

Both of these fixes essentially tell your app to use TLSv1 instead of SSLv3.