when using cipher suite that Diffie-Hellman key exchange is part of I can see that sometimes SSL handshake fails on bad MAC. It's enough to use 'openssl s_client' against 'openssl s_server' on any machine. Grepping the log we can see that some of those connections failed:
jp161948:andal:snv_57:~$ grep CONNECTED output | wc -l
526
jp161948:andal:snv_57:~$ grep 'alert bad record mac' output | wc -l
3
this is the case as shown by s_client:
jp161948:andal:snv_57:~$ openssl s_client -tls1 -connect ogma.czech:444 </dev/null
CONNECTED(00000004)
depth=0 /C=cz/L=prg/O=sun/OU=sec/CN=ogma.czech.sun.com/emailAddress=jp@
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=cz/L=prg/O=sun/OU=sec/CN=ogma.czech.sun.com/emailAddress=jp@
verify return:1
18524:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac:../../../../common/openssl/ssl/s3_pkt.c:1057:SSL alert number 20
18524:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:../../../../common/openssl/ssl/s3_pkt.c:534:
Previously, this was being solved as part of 6540060 until I realized that even when the outcome was the same, the reasons were different. That's why I split the bugs for easier future referrence.
The problem is than sometimes, usually once per 100-300 SSL handshakes that use DH for key exchange, the handshake fails on bad MAC. See evaluation for information on how to reproduce it and for full analysis of the problem.
Work Around
Use RSA based cipher suites only, do not use DH based ones. Select one of output:
openssl ciphers -tls1 -v 'RSA:!EXP:!NULL':
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
I suggest AES128-SHA.