[GH-ISSUE #1423] SSLV3_ALERT_CERTIFICATE_UNKNOWN #1415

New issue

Open

opened 2026-03-03 19:51:19 +03:00 by kerem · 12 comments

kerem commented 2026-03-03 19:51:19 +03:00

Owner

Copy link

Originally created by @carppond on GitHub (Nov 2, 2022).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1423

Originally assigned to: @NghiaTranUIT on GitHub.

handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436502 error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN at /Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-chrjhjrygpkcrggquryyaaqcgvhz/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594]))

我在抓包的过程中遇到了这个问题，其中链接的相关 header 如下。在 charles 并没有这个问题
content-type: application/x-thrift
accept: application/x-thrift

Originally created by @carppond on GitHub (Nov 2, 2022). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1423 Originally assigned to: @NghiaTranUIT on GitHub. handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436502 error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN at /Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-chrjhjrygpkcrggquryyaaqcgvhz/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594])) 我在抓包的过程中遇到了这个问题，其中链接的相关 header 如下。在 charles 并没有这个问题 content-type: application/x-thrift accept: application/x-thrift

kerem added the

bug

label 2026-03-03 19:51:19 +03:00

kerem commented 2026-03-03 19:51:19 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Nov 3, 2022):

Can you elaborate where the source of the request? For example, it's from the iOS, Android app (Native, Flutter, or React Native), Web Browser, or Server?

I'd like to investigate.

<!-- gh-comment-id:1301735868 --> @NghiaTranUIT commented on GitHub (Nov 3, 2022): Can you elaborate where the source of the request? For example, it's from the iOS, Android app (Native, Flutter, or React Native), Web Browser, or Server? I'd like to investigate.

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@efa2d19 commented on GitHub (Nov 3, 2022):

Faced same stuff recently in RN app on android.
Recreated and reinstalled certificate and then run adb reboot and everything was fixed
upd: More useful info: it happened in Android Studio emulator (resizable; API 33), user certificates was allowed to be used in the manifest

Proxyman 3.12.0
MacBookAir10,1 Z1240004
MacOS 13.0 (22A380)

<!-- gh-comment-id:1301971782 --> @efa2d19 commented on GitHub (Nov 3, 2022): Faced same stuff recently in RN app on android. Recreated and reinstalled certificate and then run `adb reboot` and everything was fixed upd: More useful info: it happened in Android Studio emulator (resizable; API 33), user certificates was allowed to be used in the manifest Proxyman 3.12.0 MacBookAir10,1 Z1240004 MacOS 13.0 (22A380)

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@zh-d-d commented on GitHub (Nov 15, 2022):

when I use Proxyman watch MacOS application also faced the problem.

Proxyman Version 3.13.0
MacOS Apple M1 Pro

<!-- gh-comment-id:1314927059 --> @zh-d-d commented on GitHub (Nov 15, 2022): when I use Proxyman watch MacOS application also faced the problem. Proxyman Version 3.13.0 MacOS Apple M1 Pro

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Nov 15, 2022):

@zh-d-d if you have installed & trusted the certificate on your Mac, it means Proxyman is ready to intercept HTTPS traffic from other MacOS app.

If you get SSL Error, it means this app might has SSL Pinning which prevents Proxyman to internet.

If you don't mind, what macOS you're using?

<!-- gh-comment-id:1314929607 --> @NghiaTranUIT commented on GitHub (Nov 15, 2022): @zh-d-d if you have [installed & trusted the certificate on your Mac](https://docs.proxyman.io/debug-devices/macos), it means Proxyman is ready to intercept HTTPS traffic from other MacOS app. If you get SSL Error, it means this app might has SSL Pinning which prevents Proxyman to internet. If you don't mind, what macOS you're using?

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Nov 15, 2022):

There are many reasons, each reason needs a particular solution to fix it. You guys can checkout the troubleshooting: https://docs.proxyman.io/troubleshooting/get-ssl-error-from-https-request-and-response

If it doesn't cover your case, please let me know some information:

• What is the name of the app?
• System OS?
• Is it a native/react native/flutter?
• Is it a CLI or from Web Browser?

<!-- gh-comment-id:1314931398 --> @NghiaTranUIT commented on GitHub (Nov 15, 2022): There are many reasons, each reason needs a particular solution to fix it. You guys can checkout the troubleshooting: https://docs.proxyman.io/troubleshooting/get-ssl-error-from-https-request-and-response If it doesn't cover your case, please let me know some information: - What is the name of the app? - System OS? - Is it a native/react native/flutter? - Is it a CLI or from Web Browser?

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@zh-d-d commented on GitHub (Nov 24, 2022):

thanks for your replay
app name : dbschema
System OS : macOS Monterey

<!-- gh-comment-id:1325842859 --> @zh-d-d commented on GitHub (Nov 24, 2022): thanks for your replay app name : [dbschema](https://dbschema.com/) System OS : macOS Monterey

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Nov 24, 2022):

@zh-d-d React Native requires extra configs to make it works. Have you followed this setup guide: https://docs.proxyman.io/debug-devices/react-native ?

<!-- gh-comment-id:1325843401 --> @NghiaTranUIT commented on GitHub (Nov 24, 2022): @zh-d-d React Native requires extra configs to make it works. Have you followed this setup guide: https://docs.proxyman.io/debug-devices/react-native ?

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@zh-d-d commented on GitHub (Nov 24, 2022):

@zh-d-d React Native requires extra configs to make it works. Have you followed this setup guide: https://docs.proxyman.io/debug-devices/react-native ?

sorry , I have update information .

dbschema it's a macOS pc app, not mobile

<!-- gh-comment-id:1325847017 --> @zh-d-d commented on GitHub (Nov 24, 2022): > @zh-d-d React Native requires extra configs to make it works. Have you followed this setup guide: https://docs.proxyman.io/debug-devices/react-native ? sorry , I have update information . [dbschema](https://dbschema.com/) it's a macOS pc app, not mobile

kerem commented 2026-03-03 19:51:20 +03:00

Author

Owner

Copy link

@zhumanrakhat commented on GitHub (Nov 24, 2022):

Hi, also got this error in postman app

Error: write EPROTO 50005512:error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN:../../../../src/third_party/boringssl/src/ssl/tls_record.cc:594:SSL alert number 46

<!-- gh-comment-id:1325946789 --> @zhumanrakhat commented on GitHub (Nov 24, 2022): Hi, also got this error in postman app Error: write EPROTO 50005512:error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN:../../../../src/third_party/boringssl/src/ssl/tls_record.cc:594:SSL alert number 46

kerem commented 2026-03-03 19:51:21 +03:00

Author

Owner

Copy link

@burakkarakus commented on GitHub (Jan 3, 2023):

Any updates on this bug? I have the same error: handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436502 error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN at /Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-chrjhjrygpkcrggquryyaaqcgvhz/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594]))

It works for many websites but not working for the one I need :)

<!-- gh-comment-id:1369804236 --> @burakkarakus commented on GitHub (Jan 3, 2023): Any updates on this bug? I have the same error: handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436502 error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN at /Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-chrjhjrygpkcrggquryyaaqcgvhz/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594])) It works for many websites but not working for the one I need :)

kerem commented 2026-03-03 19:51:21 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jan 3, 2023):

Can you share some information about your endpoint @burakkarakus ?

• If it's a mobile app, Does it has SSL Pinning?
• If it's from your MacBook, what is your development env? Python, Ruby, Ruby, ...

<!-- gh-comment-id:1369834330 --> @NghiaTranUIT commented on GitHub (Jan 3, 2023): Can you share some information about your endpoint @burakkarakus ? - If it's a mobile app, Does it has SSL Pinning? - If it's from your MacBook, what is your development env? Python, Ruby, Ruby, ...

kerem commented 2026-03-03 19:51:21 +03:00

Author

Owner

Copy link

@burakkarakus commented on GitHub (Jan 4, 2023):

Hello NghiaTranUIT, after you asked I realized that our mobile app has SSL Pinning, so nothing wrong with your software seemingly. Probably that SSLV3 alert is because of that. Thanks for your quick response btw.

<!-- gh-comment-id:1370858065 --> @burakkarakus commented on GitHub (Jan 4, 2023): Hello NghiaTranUIT, after you asked I realized that our mobile app has SSL Pinning, so nothing wrong with your software seemingly. Probably that SSLV3 alert is because of that. Thanks for your quick response btw.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

6.9.0

6.8.0

6.7.0

6.6.0

6.5.0

6.4.0

6.3.0

6.2.0

6.1.0

6.0.2

6.0.0

6.0.1

5.25.0

5.24.0

5.23.0

5.23.1

5.22.0

5.20.0

5.21.0

5.19.0

5.18.0

5.17.0

5.16.0

5.15.0

5.14.0

5.12.2

5.12.1

5.12.0

5.11.0

5.10.0

5.8.0

5.9.0

5.7.0

5.6.1

5.6.0

5.5.0

5.4.0

5.2.0

5.3.0

5.1.1

5.0.0

4.16.0

4.15.0

4.14.0

4.13.0

4.12.0

4.11.0

4.10.0

4.9.1

4.9.0

4.8.2

4.8.1

4.8.0

4.7.1

4.7.0

4.6.1

4.6.0

4.5.0

4.4.0

4.3.1

4.3.0

4.2.1

4.2.0

4.1.0

4.0.0

3.15.0

3.14.0

3.13.0

3.12.0

3.11.0

3.10.0

3.9.0

3.8.0

3.7.0

3.6.2

3.6.1

3.6.0

3.5.2

3.5.1

3.5.0

3.4.0

3.3.0

3.2.0

3.1.0

3.0.0

2.35.4

2.35.3

2.35.2

2.35.1

2.35.0

2.34.1

2.34.0

2.33.0

2.32.1

2.32.0

2.31.0

2.30.0

2.29.0

2.28.0

2.27.0

2.26.0

2.25.0

2.24.0

2.23.0

2.22.0

2.21.1

2.21.0

2.20.0

2.19.0

2.18.0

2.17.0

2.16.1

2.16.0

2.15.2

2.15.1

2.15.0

2.14.2

2.14.1

2.14.0

2.13.0

2.12.0

2.11.1

2.11.0

2.10.0

2.9.1

2.9.0

2.8.0

2.7.0

2.6.0

2.5.3

2.5.2

2.5.1

2.5.0

2.4.2

2.4.1

2.4.0

2.3.0

2.2.0

2.1.1

2.1.0

2.0.1

2.0.0

1.24.0

1.23.0

1.22.0

1.21.0

1.20.0

1.19.0

1.18.1

1.18.0

1.17.1

1.17.0

1.16.0

1.15.0

1.14.1

1.14.0

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5.1

1.4.5

1.4.4.1

1.4.4

1.4.3

1.4.2

1.4.1.1

1.4.1

1.4

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4.3

1.3.4.2

1.3.4.1

1.3.4

1.3.3

1.3.2

1.3.1

1.3

1.2

1.1.2

1.1.1

1.1

1.0.3

1.0.2

1.0

0.8.1

0.8

0.7

0.6

0.5.1

0.5

v0.4.1

Labels

Clear labels   

Discussion

  

Feature request

  

In Progress...

  

Plugins

  

Waiting response

  

Windows

  

Windows

  

bug

  

duplicate

  

enhancement

  

feature

  

good first issue

  

iOS

  

macOS 10.11

  

question

  

wontfix

  

✅ Done

No labels

Discussion

Feature request

In Progress...

Plugins

Waiting response

Windows

Windows

bug

duplicate

enhancement

feature

good first issue

iOS

macOS 10.11

question

wontfix

✅ Done

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/Proxyman#1415

No description provided.