Ошибка: 1408F10B: SSL Prontines: SSL3_GET_RECORD: НОМЕР ВЕРСИИ
Resolve: error:1408f10b:ssl routines:ssl3_get_record:wrong version number
If you have been coming across the ssl3_get_record: wrong version number error, you have come to the right place. Our Support Team has been helping a few of our customers get back on track after getting this error.
In fact, this specific error is due to the server not responding with TLS data as expected. For instance, the client starts the TLS handshake, prompting the server to reply with a non-TLS response. Since the client expects a reply from the server as part of the TLS handshake, it tries to interpret the response, ending in an error message.
Furthermore, this ends in the wrong version number with OpenSSL-based stacks since it tries to extract TLS version number, resulting in unexpected results.
Alternatively, the issue may also arise due to a middlebox or software problem in the network path to the server.
How to resolve the error
First, ensure the domain is pointing to the correct server.
Then, check the configuration file for our websites is enabled in Apache. In some cases, the default virtual host on Apache is set only for non-SSL configurations. In this scenario, symlink the website configuration file to the /etc/apache2/sites-enabled directory as seen below:
sudo ln -s /etc/apache2/sites-available/my-website.conf /etc/apache2/sites-enabled/my-website
We can verify this is successful with the command:
ls /etc/apache2/sites-enabled/
Then, restart the apache2 webserver.
Next, we have to check which internal port the NAT configuration is pointing to. Our Support Techs would like to point out that the UI allows writing ports with a comma separator, but it is not associative. For instance, even if source=80,443 it will redirect all packets to 80.
After that ensure the proxy URL is HTTP://.
Here are a few more troubleshooting tips to help fix the issue:
If we get the error while using Nginx, adding the following code to the server configuration will help:
listen 443 ssl;
...
}
Another option is to check if we are behind a proxy server. If yes, we have to set the proxy for curl. We can do this by adding the following line to the subl ~/.curlrc file:
proxy= proxyserver:proxyport
Additionally, if we are not behind a proxy, ensure the curlrc file does not contain proxy settings.
akileus