SSL handshake failed with mutual TLS

Francis Daly francis at
Sun Jun 19 09:09:39 UTC 2016

On Sat, Jun 18, 2016 at 11:29:49AM +0300, Andrey Novikov wrote:

Hi there,

> We've successfully configured interaction with two of these systems
> (all with mutual TLS), and when pointed another one to this server
> we've got next message in the error.log (log level for error log is
> set to debug):
> 2016/06/16 18:07:55 [info] 21742#0: *179610 SSL_do_handshake() failed
> (SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
> certificate:SSL alert number 42) while SSL handshaking, client:
>, server:
> What can cause this message? How to debug it?

I think that this message (can|does) mean that the far side did not like
something about your certificate.

If that is the case - are there any logs on the thing connecting to
nginx about what it thinks happened in the TLS negotiation?


Francis Daly        francis at

More information about the nginx mailing list