ERROR: Fetching the page failed because SSL handshake error


#1

I am using twitter summary card in my site and when i validate the card using twitter card validator getting “ERROR: Fetching the page failed because SSL handshake error.” error, any one have any idea how to resolve this.


#2

Are you able to provide details (link) for your site so others can test it?


#3

Hello andypiper,
https://craftedusa.com/maker/vinniepavao
This is the link where i am applied twitter summary card and during validation step getting above error.


#4

I’m seeing that too - not certain why this is the case, as I’m able to fetch the page successfully. The only thing I’m wondering about is whether the web server’s time and date are set correctly, as that can sometimes cause issues negotiating SSL connections. Apart from that, I’m not sure why this is failing.

One small piece of feedback, the twitter:description field will be truncated at 200 characters so the value you are currently using is too long. That is unrelated to this error, though.


#5

Getting the same message trying to validate:

I have checked:

  1. The server date/time is correct
  2. The server is NOT using SNI
  3. The correct cyphersuites are in use

The site’s certificate validates correctly in:

  • Firefox (34)
  • Chromium (39)
  • Internet Explorer (11)

The cards were working OK before Christmas (not sure of the exact date they stopped).

The server is running Ubuntu Linux 14.04.1 with apache2 and mod_ssl.

Any ideas what may have changed to stop things working?


#6

The only thing I’m aware of that changed in the past few months was that we no longer support SSLv3 due to the POODLE vulnerability (and others). I do not think this is the issue here, but I’ll ask the Cards team to take a look at why these issues may be occurring recently.


#7

Thanks for the update.

We’re weren’t running SSLv3 either and in any case all of the browsers listed chose TLS1.2 or better. Look forward to your updates.


#8

Thanks for your reply am also looking for further updates and suggestion regarding this error.


#9

Has there been any further result here?

Additionally I have been unable to find any log files our side mentioning this error.


#10

OK, I think I’ve found the solution to this one. Basically it’s a “design choice” made by both Apache and Java >= 1.7.

The issue is that Java always sends an SNI name request (which is good since IP addresses are in short supply). If you have an apache server that’s only serving one site (or, like ours, where each site has a unique IP) and you don’t specify a ServerName directive, apache will respond using the local host name (if defined) or the IP of the connection. Apache also sends a warning that the names don’t match (which is against the advice in the spec). Java sees that warning and turns it into a fatal error, so the connection is aborted.

The solution is simply to add a ServerName directive that matches the SSL certificate’s CN (add ServerAlias’s too if needed).

For a fuller discussion of this issue, see http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0

Having made this change to the server config, my cards now once again validate correctly.

Thanks for the assistance.


Twitter Card Error "ERROR: Fetching the page failed because other errors."
Twitter Card Validator displaying error message
Card Validator: Fetching the page failed because other errors
Twitter cards not working
SSL Handshake Error
Problems with reverse DNS lookup and SSL
Card validation ERROR: Fetching the page failed because SSL handshake error
Social Cards Not showing when link copied into Twitter
"ERROR: Fetching the page failed because SSL handshake error."
SSL Handshake Error
Twitter Card: ERROR: Fetching the page failed because other errors
ERROR: Fetching the page failed because the request timed out
Twitter Card
After July 27th: ERROR: Fetching the page failed because other errors
Large summary image unable to load image from IIIF image server
Not Whitelisted, unable to render, or no image: READ THIS FIRST
Lost card when I went secure
#11

Woah, ninja skills @deanswaydesign - thank you so much for sharing this awesome and detailed description :thumbsup:


#12

Weird. I am still having this problem. On Apache 2.4. On SSLLabsTest, I got an A+ for the SSL Cert https://www.ssllabs.com/ssltest/analyze.html?d=lesterchan.net

You can test it with this URI https://lesterchan.net/blog/2015/03/13/lesterchan-net-now-on-https/.

ServerName has been setup in Apache


#13

Same problem here…@andypiper any news from the Cards Team?


#14

I’m having the exact same problem. I’ve tested my SSL certificate on SSL labs with an A rating. I’ve made sure to change my ServerName and add an Alias to my site configuration in Apache. I’m not sure what else I can do. My url is https://www.marshalldurham.com.


#15

Hello All,

When we try to validate our url on given https://cards-dev.twitter.com/validator url. it gives me an error
ERROR: Fetching the page failed because SSL handshake error.
My Url
https://belive.mobi/multitvfinal/jwplayer/tw.html
Please help me…


#16

Hi,

I habe the same problem, but can not change anything on my server settings (sheared host). Is there anything I can do to avoid this problem?

cheers
cbmainz


#17

If you are having an SSL handshake issue then you will need to make sure that your site’s SSL certificate is valid and using a suitable cipher i.e. TLS SHA-256.


#18

We also have problem with our page : https://oneplace.marketplanet.pl/ogloszenie-publiczne/
Can you give us more detailed info what is main problem with our certificate?


#19

I’m currently unable to tell what the issue with your certificate might be.


#20

I get the same error with https://dominikschilling.de/wordpress-4-6-release-lead/.

I’ve contacted the support of my host and got this info:

It seems like the validator is using a Java version which doesn’t support DHE with 4K-DH parameters. Modern browsers are supporting this.