Error: "Handshake message sequence violation" on AirWatch Tunnel when attempting to view internal websites

Symptoms

You are unable to access internal sites through the AirWatch Tunnel.  In Safari, you see the error message:

Safari cannot open the page because the network connection was lost.

In the Tunnel endpoint logs, you see the error message

Caught an exception on ClientToProxyConnection
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLProtocolException: Handshake message sequence violation

 

Resolution

The AirWatch Tunnel endpoint is unable to establish an SSL connection.  The connection attempt is failing during the SSL handshake.  Typically this error is seen when using CentOS 6.5, and is due to unsupported cipher suites being used during the handshake.  

To ensure that the latest cipher suites are installed on CentOS you can update OpenSSL by running the following command:

yum update openssl

After the update is complete, make sure to restart the AirWatch services.

Have more questions? Submit a request

0 Comments

Article is closed for comments.