SSL Problems with 0.7.[78]
Joshua Schmidlkofer
joshland at gmail.com
Wed Aug 6 22:38:22 MSD 2008
I put up a gentoo box this weekend, and I installed nginx 0.7.7 on it.
I put a php backend on via fastcgi. No matter what I did,
Firefox+HTTPS didn't work properly. I used Firefox 3.0.x from Mac and
Linux. Webkit/Safari worked almost 100%. (I had one problem, which
may have been an aberration.) I tried many things, and always I
could get one or two pages to successfully to load, then the next time
I clicked the page would never complete loading.
php-5.6.2
roundcube - 0.1 and 0.2alpha
openssl 0.9.8g
nginx 0.7.7, 0.7.8
Godaddy signed chained certificates
No startup errors were found in either PHP or Nginx.
If I killed php-cgi, and restarted, there would be no effect.
If I restarted NGINX, then the browser load would (of course) stop.
Often times the page would be incomplete.
I enabled http:// for the site, and it worked fine. I tried a variety
of options for 0.7, and was unable to succeed.
<ssl config>
ssl on;
ssl_certificate /etc/ssl/cert.bundle.pem;
ssl_certificate_key /etc/ssl/private/sslcertificate.key;
keepalive_timeout 70;
ssl_session_cache shared:SABIO:10m;
ssl_session_timeout 30m;
ssl_protocols SSLv3;
ssl_ciphers ALL:!CAMELLIA;
</ssl config>
I tried a variety of settings, but ultimately nothing worked until I
downgraded to nginx-0.6.32. Now, with the exact same config
everything is working.
Sincerely,
Joshua
Gentoo USE Flags for NGINX:
fastcgi flv imap pcre ssl webdav zlib -addition -debug -perl -status -sub
More information about the nginx
mailing list