SSL handshake failed

Question

Answer 1 · 2015-11-09T02:00:28Z

James T Mashore answered Nov 9, '15

After a bit of reading of other threads on here, it appears Alexa does not support SSL SNI (several domains sharing the same ip address with different certificates), even when testing. I find that very odd sense she will support a self signed certificate. Go figure !

10 |5000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 2 · 2015-11-10T03:30:26Z

Stefan Negritoiu answered Nov 10, '15

It's probably less about an explicit choice to not support SNI and more about the fact that SNI is a relatively new standard in the overall SSL/TLS suite of protocols/standars than self-signed certificate. One would have to be on a recent version of whatever app platform you use to get the support and for whatever reason Alexa service isn't. -- Stefan

10 |5000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 3 · 2015-11-10T05:20:38Z

Stefan Negritoiu answered Nov 10, '15

And that is in fact the case. While looking through our skill's logs, I noticed that the UserAgent string from the Alexa service is "Apache-HttpClient/4.3 (java 1.5)" which presumably uses JDK 1.5. SNI was added to the JDK in 1.7.

10 |5000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

question