What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

SSL Certificate Sensor and Cloudflare

Votes:

0

We have been using SSL Certificate Sensor for number of websites/domains and it was working fine for years until I moved some of them to Cloudflare for DNS (SSL/TLS encryption mode is Full (strict)).

I'm getting this error message now (PRTG version 22.1.75.1594 ):

Failed to establish secure connection [Step 0] Error connecting with SSL. Error connecting with SSL. error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure [Step 1] Error connecting with SSL. Error connecting with SSL. error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol [Step 2] Error connecting with SSL. Error connecting with SSL. error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure [Step 3] Error connecting with SSL. Error connecting with SSL. error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure [Step 4] Error connecting with SSL. Error connecting with SSL. error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number [Step 5] Error connecting with SSL. Error connecting with SSL. error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol

Is there something I can do to get this sensor working again?

certificate prtg ssl

Created on Mar 31, 2022 9:44:50 AM



5 Replies

Accepted Answer

Votes:

0

Hello Marcin,

According to the error returned by the sensor, only TLS 1.3 connections are allowed however the sensor doesn't support it yet (hence the error "unsupported protocol"). Our development team are improving many sensors in the background however I can't tell you when TLS 1.3 will be supported. Nevertheless, this is planned to do so.

Regards.

Created on Apr 4, 2022 1:13:20 PM by Florian Lesage [Paessler Support]



Votes:

0

Was this fixed yet? I am experiencing the same issue and am running 22.1.75.1594+. Thanks!

Created on Jun 28, 2022 5:25:56 PM



Votes:

1

Hello,

Thank you for your message.

The development team is working under the hood to update the library used for our sensors to be able to handle TLS 1.3 (among other benefits). However, I'm afraid that it has to be done in multiple parts and therefore it will take some time before TLS 1.3 is supported.

Regards.

Created on Jun 30, 2022 7:26:53 AM by Florian Lesage [Paessler Support]



Votes:

0

Hi Florian,

Why does it work without issue in version 21.4.72.1649, but fail in 22.2.77? We just had to roll back an upgrade because of this.

Regards,

Created on Jul 12, 2022 12:04:10 AM



Votes:

0

Hi Andrew,

Thank you for your message.

We have received a few support cases regarding this issue however the actual origin of the problem might be different than the limited supported version(s) of TLS. In these cases, the problem was due to a wrong SNI (Server Name Indication).

Therefore, when this happens I recommend to provide the SNI within the sensor Settings tab accordingly. Here is the sensor manual if needed: https://www.paessler.com/manuals/prtg/ssl_certificate_sensor. When configured, the sensor should start working properly again.

Regards.

Created on Jul 12, 2022 1:52:40 PM by Florian Lesage [Paessler Support]

Last change on Jul 12, 2022 1:53:37 PM by Florian Lesage [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.