<div dir="ltr"><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">Hello,<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">The error comes from OpenSSL.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">
<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">From its name, I wouldsay the constant being check is one that OpenSSL sets during handshake.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">
>From its name too, I wouls say this applies to a SSLv3 handshake. OpenSSL has a corresponding TLSv1 constant named DTLS1_SEND_SERVER_KEY_EXCHANGE.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">
Seems like a bug, possibly related to the (non widespread) use of ECC certificates.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)"><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">
Before really calling out for a bug: you say SSLv3 is disabled. Please be really sure of that.<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">Check the OpenSSL library your nginx has been linked against. I suggest you update that package on your system and retry.<br>
</div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">Try balance between sufficiently up-to-date version and avoinding versions with well-known vulnerabilities.<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">
Hope I helped,<br></div><div class="gmail_extra"><div><font size="1"><span style="color:rgb(102,102,102)">---<br></span><b><span style="color:rgb(102,102,102)">B. R.</span></b><span style="color:rgb(102,102,102)"></span></font></div>
</div></div>