Bad Decompression error after default ssl_session_timeout
mdounin at mdounin.ru
Tue May 22 17:27:44 UTC 2012
On Tue, May 22, 2012 at 03:15:31AM -0400, lima wrote:
> I have an LB setup with nginx for an ssl enabled site which load balance
> with 2 apache servers. All the servers are CentOS5.5* and OpenSSL
> 0.9.8e-fips-rhel5 01 Jul 2008. Also we are using the same SSL
> certificate on all the 3 servers.
> It does load balance perfectly untill 5m. After that it raises an
> [crit] 5179#0: *6 SSL_do_handshake() failed (SSL: error:1408F06B:SSL
> routines:SSL3_GET_RECORD:bad decompression) while SSL handshaking to
> upstream, client: clientip, server: lb.abcd.net, request: "GET /search/
> HTTP/1.1", upstream: "https://server1-ip:443/search/", host:
> This error happens for both server1 and server2. After this, the load
> balancer is not working.
> What can be the issue? Thanks in advance.
This looks like problem with session resumption and compression in
OpenSSL version you are using. Obvious workaround is to use
in nginx config, see http://nginx.org/r/proxy_ssl_session_reuse.
Alternatively you may try upgrading openssl or recompiling one you
are using without zlib support.
More information about the nginx