TCP Reset from security appliance causes Assessment Failure: Internal Error

ssllabs / ssllabs-scan

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

https://www.ssllabs.com/projects/ssllabs-apis/

Apache License 2.0

1.7k stars 240 forks source link

TCP Reset from security appliance causes Assessment Failure: Internal Error #344

Open gotshaykes opened 8 years ago

gotshaykes commented 8 years ago

Some NGFWs send a tcp reset to client & server for any connections in the process of doing an SSLv2 handshake. When this occurs, the SSLLabs scan reports an error: "Assessment failed: Internal Error".

Example: https://www.ssllabs.com/ssltest/analyze.html?d=transact.fhsu.edu

ivanr commented 8 years ago

Just FYI, SSL Labs reports "Internal Error" for any unusual condition; in this case, it's probably detecting an unexpected failure. It would be better to report a failure of an individual test.