Intermittent SSL/TLS errors

We are having some SSL/TLS errors on production servers with our application that uses the Zoom API. This is a JWT application with a .NET client running in Windows Server 2012 R2.

The application can connect and normally makes some successful calls, downloading first a list of users and then recordings and meeting details. Intermittently (but frequently) we are getting connection errors. The .NET client gives the following error:
The request was aborted: Could not create SSL/TLS secure channel.

We did some monitoring with Wireshark and found the following TLSv1.2 packet info:
Alert (Level: Fatal, Description: Bad Record MAC)

This packet is right after a “Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message” packet.

In the rest of the trace, we normally see a “Change Cipher Spec, Encrypted Handshake Message” packet following that. So it seems like some type of handshake problem.

The endpoint we are seeing the error with is most often:
https://api.zoom.us/v2/users/{userId}/recordings

However, we are often able to successfully make a call to this endpoint. These errors are sporadic but frequent enough where they are giving us some real problems with our application. Please let me know if you can help or if more info would be helpful. Thanks.

I would recommend looking at this SO post: openssl - bad_record_mac issue on TLS1.2 - Stack Overflow

This is likely a configuration issue on the servers executing the calls, since we don’t have any other customers or developers reporting this issue currently. Typically, if there was an issue with encryption on Zoom’s side, it would be very wide spread. The fact this happens sporadically, leads me to think the SO post above is going to point you in the right direction to solve this issue from your side of things.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.