Unsupported or unrecognized SSL message: Any other options to solve?

[somexp12]

Please forgive the ignorance of this question. Just a QA guy running into an issue that is a bit larger than me. I appreciate any help.

I'm getting a 502 response code when using ZAP's manual explore feature. The root cause is reported to be "SSLException: Unsupported or unrecognized SSL message".

As some additional context, I am able to access the landing page of the site. It is when I attempt my first POST request that I get this problem. I access the landing page with http from nginx, then send a HTTPS OPTIONS request through it to tomcat on port 8444, which redirects to 8443. 8443 on tomcat has SSL enabled and is using Http11NioProtocol.

The application gave me a link to go to for further information, and I have followed the steps there, but the situation is the same.

The site I went to was https://www.zaproxy.org/faq/how-to-connect-to-an-https-site-that-reports-a-handshake-failure/ , and the specific steps I took were:
-Checking "Enable SSL/TLS renegotiation" in Tools->Options->Client Certificate
-Ensuring that SSLv2Hello was unchecked
-Adding the JCE jars to JAVA_HOME\jre\lib\security.

Some additional detals:
-ZAP version 2.9.0
-Using Firefox
-The application in question has and NGINX frontend with a tomcat backend.

Not sure what else I am able to do or how to troubleshoot this.

Thank you for any assistance you can provide.

[somexp12]

Well, it turns out that the first thing I tried actually did the trick. Simply turned off the antivirus.

Probably didn't notice it the first time, because there was a lag between when I did it and when it took effect. Should have kept it off, regardless, though.

[Simon Bennetts]

Good to hear that its working for you :)

We should update that FAQ to mention turning off any antivirus...