Skip to main content

I am trying to build a custom integration to connect to an on prem server running a certain service and running it via an integration instance with a remote agent.

I keep hitting this error when attempting to connect:

Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1006)'))) 

ssl_wrap_socket ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname)

/usr/local/lib/python3.11/ssl.py", line 1104, in _create self.do_handshake() File "/usr/local/lib/python3.11/ssl.py", line 1382, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1006)

Has anyone else come across this?

 

 

@donkos, have you tried not requiring "Verify SSL" for the integration using the remote agent?

For some of our integrations we have had to do that when going through the remote agent (seems like cert management isn't trivial).

Unchecking that makes no difference to the error @_K_O 

Unchecking that makes no difference to the error @_K_O 


Without knowing more about the tech or code, it's very difficult to help debug - generically you can look into the SSL protocol the server supports and ensure that you have a matching python request for it, or test it out by removing SSL verification from the Python code and seeing if the verification is the issue (which I assume it is). Other than than, maybe test out the certs without the remote agent locally and see if the remote agent itself is the issue. 

 

Our remote agents run in docker containers - I can access the endpoint just fine via a curl command from the server but not from the docker container.

Code wise, its a very simple usage of requests:

        self.session = requests.session()
        self.session.auth = HTTPBasicAuth(self.username, self.password)
       
        self.session.verify = true (I have tried setting this to false as well)
        self.session.headers.update({"Content-Type": "application/json"}) 
        response = self.session.get(url)

It turns out the internal service running on the internal server had a weak cipher suite which meant I had to following snippet:

class TLSAdapter(HTTPAdapter):
    def init_poolmanager(self, *args, **kwargs):
        context = ssl.create_default_context()
        context.set_ciphers("DEFAULT:@SECLEVEL=1")
        kwargs['ssl_context'] = context
        return super().init_poolmanager(*args, **kwargs)

self.session.mount("https://", TLSAdapter())

Reply


Terms & ConditionsCookie settings
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.