Problem with ECC certificates
mdounin at mdounin.ru
Fri May 9 01:06:08 UTC 2014
On Wed, May 07, 2014 at 08:30:37PM +0200, Markus Weippert wrote:
> On 04.05.2014 16:52, Markus Weippert wrote:
> > I'm having some strange issues using nginx 1.6 with ECC certs.
> > Handshakes fail for clients using TLSv1.2 and SNI but only if the
> > requested server block is not the default_server.
> Had a further look into that. The problem seems to occur if nginx is
> built against openssl shipped with Ubuntu 12.04. The official repository
> version of nginx is also affected.
> Compiling nginx with the latest upstream release works as expected.
> Also, no problems on Ubuntu 13.10.
The "SSL3_SEND_SERVER_KEY_EXCHANGE:internal error" message comes
from OpenSSL, so it looks like the problem is OpenSSL version
More information about the nginx