Page with ssl doesn't open from safari

patjomkin nginx-forum at nginx.us
Tue Jun 16 07:25:53 UTC 2015


Добрый день

Куплен UCC ssl сертификат у godaddy для 5 доменных имён.

Один из сайтов (располагается на отдельном сервере) не открывается из safari
"Safari can't open the page https://sendy.mysite.com because the server
unexpectedly dropped the connection. This sometimes occurs when the server
is busy. Wait for a few minutes, and then try again." В тоже время он
нормально открывается из всех остальных браузеров.


В самом логе nginx (nginx 1.8.0, ubuntu 14.04):

2015/06/15 09:48:27 [debug] 15611#0: *6 SSL NPN advertised
2015/06/15 09:48:27 [debug] 15611#0: *6 SSL_do_handshake: -1
2015/06/15 09:48:27 [debug] 15611#0: *6 SSL_get_error: 2
2015/06/15 09:48:27 [debug] 15611#0: *6 reusable connection: 0
2015/06/15 09:48:27 [debug] 15611#0: *6 SSL handshake handler: 0
2015/06/15 09:48:30 [debug] 29320#0: *7 SSL_do_handshake: -1
2015/06/15 09:48:30 [debug] 29320#0: *7 SSL_get_error: 2
2015/06/15 09:48:30 [debug] 29320#0: *7 reusable connection: 0
2015/06/15 09:48:31 [debug] 29320#0: *7 SSL handshake handler: 0
2015/06/15 09:48:33 [debug] 29322#0: *8 SSL_do_handshake: -1
2015/06/15 09:48:33 [debug] 29322#0: *8 SSL_get_error: 2
2015/06/15 09:48:33 [debug] 29322#0: *8 reusable connection: 0
2015/06/15 09:48:33 [debug] 29322#0: *8 SSL handshake handler: 0

Конфиг:

server {
    listen       80;
    server_name  sendy.mysite.com;

    location / {
                rewrite     ^(.*)   https://sendy.mysite.com$1 permanent;
        }
}


server
    {
        listen 443;
        server_name sendy.vaksmanlaw.com;

        ssl on;
        ssl_certificate /etc/nginx/ssl/www.mysite2.com.crt;
        ssl_certificate_key /etc/nginx/ssl/www.mysite2.com.key;

        index index.php index.html;
        root /home/ubuntu/sendy;
        access_log /var/log/nginx/sendy.access.log;
        error_log /var/log/nginx/sendy.error.log debug;
        proxy_buffers 8 32k;
        proxy_buffer_size 64k;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;

        location = / {
                index index.php; }

        location / {
                if (!-f $request_filename){
                        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;}
                }

        location /l/ {
                rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; }

        location /t/ {
                rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; }

        location /w/ {
                rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; }

        location /unsubscribe/ {
                rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; }

        location /subscribe/ {
                rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; }

        location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
                expires max;
                log_not_found off; }

        location ~ \.php {
                fastcgi_index index.php;
                include fastcgi_params;
                keepalive_timeout 0;
                fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
                fastcgi_pass unix:/var/run/php5-fpm.sock; }
    }

Все остальные сайты/домены располагаются на другом сервере с тем же ucc
сертификатом, открываются в сафари без проблем.

В чем может быть проблема?

Posted at Nginx Forum: http://forum.nginx.org/read.php?21,259638,259638#msg-259638



Подробная информация о списке рассылки nginx-ru