SSL routines:tls_process_client_hello:version too low
Sergey Kandaurov
pluknet at nginx.com
Tue Sep 29 21:38:30 UTC 2020
> On 28 Sep 2020, at 23:12, jriker1 <nginx-forum at forum.nginx.org> wrote:
>
> Hope I can post this as Chrome keeps complaining this site has a data
> breach.
The primary interface is using mailing lists:
http://nginx.org/en/support.html
>
> I have been using NGINX to route my 443 traffic for two servers for a while
> now. Now I can't get my RDP side of things working. Not sure why as it
> used to work. RDP is thru Essentials Server 2016 and it's Remote Web
> Access. I can get to the website but when I try to pull up one of my
> servers it fails. So the website works, the second server I'm using on 443
> works, but not the RDP side of things. it does work if I remove NGINX and
> set 443 to route directly to the Essentials Server thru my router so know
> it's working still. What I get in the error logs when this happens is:
>
> 2020/09/28 05:09:50 [crit] 7556#7556: *1366 SSL_do_handshake() failed (SSL:
> error:1417D18C:SSL routines:tls_process_client_hello:version too low) while
> SSL handshaking, client: 107.6.171.130, server: 0.0.0.0:443
> 2020/09/28 06:01:06 [crit] 7556#7556: *1385 SSL_do_handshake() failed (SSL:
> error:1417D18C:SSL routines:tls_process_client_hello:version too low) while
> SSL handshaking, client: 107.6.171.130, server: 0.0.0.0:443
>
You didn't provide nginx version, but
the error message suggests you are using OpenSSL 1.1.0.
I don't know what is Essentials Server 2016, but if it is something
from Microsoft, then I heard that it still prefers to use TLSv1.
Then you might want to look at this thread as somewhat related:
http://mailman.nginx.org/pipermail/nginx/2018-November/057154.html
--
Sergey Kandaurov
More information about the nginx
mailing list