SSL Problems with 0.7.[78]

Joshua Schmidlkofer joshland at
Wed Aug 6 22:38:22 MSD 2008

I put up a gentoo box this weekend, and I installed nginx 0.7.7 on it.
  I put a php backend on via fastcgi.   No matter what I did,
Firefox+HTTPS didn't work properly.  I used Firefox 3.0.x from Mac and
Linux.  Webkit/Safari worked almost 100%. (I had one problem, which
may have been an aberration.)   I tried many things, and always I
could get one or two pages to successfully to load, then the next time
I clicked the page would never complete loading.

roundcube - 0.1 and 0.2alpha
openssl 0.9.8g
nginx 0.7.7, 0.7.8
Godaddy signed chained certificates

No startup errors were found in either PHP or Nginx.

If I killed php-cgi, and restarted, there would be no effect.

If I restarted NGINX, then the browser load would (of course) stop.
Often times the page would be incomplete.

I enabled http:// for the site, and it worked fine.  I tried a variety
of options for 0.7, and was unable to succeed.

<ssl config>
ssl                  on;
ssl_certificate      /etc/ssl/cert.bundle.pem;
ssl_certificate_key  /etc/ssl/private/sslcertificate.key;
keepalive_timeout    70;
ssl_session_cache    shared:SABIO:10m;
ssl_session_timeout  30m;
ssl_protocols        SSLv3;
ssl_ciphers          ALL:!CAMELLIA;
</ssl config>

I tried a variety of settings, but ultimately nothing worked until I
downgraded to nginx-0.6.32.   Now, with the exact same config
everything is working.


Gentoo USE Flags for NGINX:
 fastcgi flv imap pcre ssl webdav zlib -addition -debug -perl -status -sub

More information about the nginx mailing list