AWS Route53 SSL communication failure: Received fatal alert

Question

I have one site deployed on AWS Rosa. This site is secured with https protocol. I am trying to create Route53 healthcheck for that site. The Route53 healthcheck fails stating reason -

**Failure: Resolved IP: x.x.x.x. SSL communication failure: Received fatal alert: protocol_version**

However I am able to access the site on browser.
As mentioned at- 
https://aws.amazon.com/premiumsupport/knowledge-center/route-53-fix-unhealthy-health-checks/

following curl command returns me httpcode 200 and response time less than 1 second

```
curl -Ik -w "HTTPCode=%{http_code} TotalTime=%{time_total}
" ://:/

Answer

Hello,

Generally speaking, this error - `Received fatal alert: protocol_version` is usually raised when there is a **mismatch found in the SSL protocol version**.

To troubleshoot the TLS version we will need to investigate verbose details on the domain/endpoint -

`$  curl -v [domain]`

And as you may know curl has an option - `tls-max` [1] to control the TLS version used, which can be used to then compare what minimum version is the website accepting to confirm if there's a mismatch between the protocol being used and what is being accepted by the website -

`$ curl -v [domain] --tls-max 1.2`

**Important Note - Please do not post any sensitive information about your domain/endpoint, your cURL logs or your AWS resources over re:Post since this is a public platform.**

If the suggestions above do not help resolve the issue, we would have to troubleshoot based on your configurations. Could you please create a support case with our premium support team instead so we may discuss details on your resource configurations?

________
________

References:

[1] https://curl.se/docs/manpage.html#:~:text=remote%2Dtime.-,%2D%2Dtls%2Dmax%20%3CVERSION%3E,-(SSL)%20VERSION%20defines

AWS Route53 SSL communication failure: Received fatal alert

Relevanter Inhalt