SSL https weird message: first record does not look like a tls handshake [SOLVED]

leogazio · March 29, 2018, 8:20am

Hey there, I’m using the following code to serve https, everything is going well, client sees the page as expected, no ssl error, everything working, no log is generated, but the message; “first record does not look like a tls handshake.” shows up almost every second, this message is printed hundreds of times. Below the code that I use;

	err := http.ListenAndServeTLS(":81", PastaCertSSL+"hlsatsslcrt.pem", PastaCertSSL+"server.key", nil)
	if err != nil {
		GeraLog(err.Error())
	}

Client access using the correct url;

https://sub.mydomain.tld:81/

Anyone know how to fix it?

calmh · March 31, 2018, 3:03am

This means someone connected and tried to speak not-TLS. Perhaps you have image links with plain http in them, or something similar.

leogazio · April 1, 2018, 8:32pm

That’s a rest API, there’s no image and no HTML insde that, it’s just a rest API that writes a json to the output…

acim · April 2, 2018, 10:22pm

What do you mean by client? Is it web browser or something else?

leogazio · April 3, 2018, 8:54pm

I meant my customer, sorry.

acim · April 3, 2018, 9:26pm

Are you sure their http client really use TLS?

leogazio · April 3, 2018, 9:29pm

I found the mistery, that rest api feeds an Android app and some of the devices were still out of date and trying to connect the old http url, as the url was the same and at the same port having the https as the only difference, the devices were reaching the new tls, that’s why the handshake warning. Thanks guys.

system · July 2, 2018, 9:29pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.