SslHandshakeError on Card Validator


When I try to test my domain in the validator I get:

ERROR: Failed to fetch page due to: SslHandshakeError

I am using a wildcard SSL cert on the domain and using CloudFront to serve the page (which I think is the problem). I ran into this problem with Java 6 in the past, not sure if this is related or not.

Is there a way to debug this further?


Any ideas? Both Facebook and Google parse the site just fine. I’m not sure where Twitter is getting hung up so it’s difficult to debug on my end. Thanks!


I’m having the same problems.

I wonder if this is because the validator does not support Server Name Indication (SNI) for SSL? Cloudfront relies on SNI so that it doesn’t have to assign a dedicated IP address to each SSL endpoint.


Yes, that’s exactly it. It appears that they are using Java 6 which does not support SNI. Unless Twitter plans on updating their Java version, the only solution is to pay the $600 a month for a dedicated IP or not use Cloudfront for the entire site.

It was cheaper for us to spin up a beanstalk with a tomcat server and install the SSL cert on that.


Hi @dssupport, it looks like your card at is working. Are you having issues with other URLs or domains?


Nope, we fixed it, thanks!


Hey @jbulava, we’re having the same issue for - could you please take a look at that? I’d really like to find out what the underlying problem is


I will reach out to the engineering team about the SSL error as I am unsure myself. Apologies for the trouble.


Hey @jbulava, is there any update on this? We’re running into the same issue with CloudFront and moving to an implementation that does not require any SNI would be a major hurdle for us. Other popular crawlers and bots work fine. Fixing this would require us to eliminate the benefits of our CDN and SSL offloading.



Any update on this? Anyone using Cloudfront and Amazon right now cant use Twitter cards.



Hi @jbulava, all

I have a similar issue with my domain - can’t validate the card as it complains about the handshake error. Yet, my website lods w/ SSL correctly on the browser, e.g.

I’m using SNI for my certificate and found that it fails on command line with

openssl s_client -connect www[DOT]

but works with

openssl s_client -servername www[DOT] -connect www[DOT]

(Had to use [DOT] to make the post valid in the previous commands)

So I’m wondering if you support SNI w/ SSL?



We are having the same issue with Google App Engine.


+1 We are seeing the same problem.


@jbulava Any update on this? We have no problems with Facebook or Google Plus, but Twitter cards integration seems pretty broken right now.


We have deployed a new release, would you please try again?


I too am getting this error. I just noticed that none of the links were showing the cards lately, and I did just add SSL to my server a few days ago. What gives? As others have said, Googe, Twitter, etc works fine. It is only twitter cards that are currently giving errors for my site after adding SSL.


Just checking in to see if this is still an issue for people. All URLs provided above (that also have Twitter meta data) appear to be validating correctly.

@NightSurge, you are the last person to post after a fix was implemented. If you are still having an issue, please reply with a URL to debug.


Still getting error. If I simply remove the s from https it works, but my site uses SSL, so I can’t simply do that.


Our site now works, but we’ve moved to a different infrastructure.


our site is still getting this same error
twitter cards are getting a 404 error where the image is supposed to be when you open them.