<div dir="ltr">I did an ssldump and this is the conversation between both servers:<br><br>New TCP connection #1: <a href="http://nginx.domain.net">nginx.domain.net</a>(46318) <-> <a href="http://backend.domain.net">backend.domain.net</a>((443)<br>TCP: <a href="http://nginx.domain.net">nginx.domain.net</a>((46318) -> <a href="http://backend.domain.net">backend.domain.net</a>((443) Seq 54751863.(307) ACK 350741031 PUSH<br>1 1  1421082336.3009 (0.0012)  C>SV3.1(302)  Handshake<br>       ClientHello<br>        Version 3.3<br>        random[32]=<br>          62 5f 64 b9 b1 3f b7 22 17 f0 87 92 f1 0e e5 9f<br>          5d c5 1b 66 c8 49 af 17 dc f7 5d b7 cc 7d 8d 49<br>        cipher suites<br>        Unknown value 0xc030<br>        Unknown value 0xc02c<br>        Unknown value 0xc028<br>        Unknown value 0xc024<br>        Unknown value 0xc014<br>        Unknown value 0xc00a<br>        Unknown value 0xa3<br>        Unknown value 0x9f<br>        Unknown value 0x6b<br>        Unknown value 0x6a<br>        Unknown value 0x39<br>        Unknown value 0x38<br>        Unknown value 0x88<br>        Unknown value 0x87<br>        Unknown value 0xc032<br>        Unknown value 0xc02e<br>        Unknown value 0xc02a<br>        Unknown value 0xc026<br>        Unknown value 0xc00f<br>        Unknown value 0xc005<br>        Unknown value 0x9d<br>        Unknown value 0x3d<br>        Unknown value 0x35<br>        Unknown value 0x84<br>        Unknown value 0xc02f<br>        Unknown value 0xc02b<br>        Unknown value 0xc027<br>        Unknown value 0xc023<br>        Unknown value 0xc013<br>        Unknown value 0xc009<br>        Unknown value 0xa2<br>        Unknown value 0x9e<br>        TLS_DHE_DSS_WITH_NULL_SHA<br>        Unknown value 0x40<br>        Unknown value 0x33<br>        Unknown value 0x32<br>        Unknown value 0x9a<br>        Unknown value 0x99<br>        Unknown value 0x45<br>        Unknown value 0x44<br>        Unknown value 0xc031<br>        Unknown value 0xc02d<br>        Unknown value 0xc029<br>        Unknown value 0xc025<br>        Unknown value 0xc00e<br>        Unknown value 0xc004<br>        Unknown value 0x9c<br>        Unknown value 0x3c<br>        Unknown value 0x2f<br>        Unknown value 0x96<br>        Unknown value 0x41<br>        TLS_RSA_WITH_IDEA_CBC_SHA<br>        Unknown value 0xc011<br>        Unknown value 0xc007<br>        Unknown value 0xc00c<br>        Unknown value 0xc002<br>        TLS_RSA_WITH_RC4_128_SHA<br>        TLS_RSA_WITH_RC4_128_MD5<br>        Unknown value 0xc012<br>        Unknown value 0xc008<br>        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA<br>        TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA<br>        Unknown value 0xc00d<br>        Unknown value 0xc003<br>        TLS_RSA_WITH_3DES_EDE_CBC_SHA<br>        TLS_DHE_RSA_WITH_DES_CBC_SHA<br>        TLS_DHE_DSS_WITH_DES_CBC_SHA<br>        TLS_RSA_WITH_DES_CBC_SHA<br>        TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA<br>        TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA<br>        TLS_RSA_EXPORT_WITH_DES40_CBC_SHA<br>        TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5<br>        TLS_RSA_EXPORT_WITH_RC4_40_MD5<br>        Unknown value 0xff<br>        compression methods<br>                  NULL<br><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jan 6, 2015 at 5:12 PM, Lukas Tribus <span dir="ltr"><<a href="mailto:luky-37@hotmail.com" target="_blank">luky-37@hotmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">> I guess are running with an nginx executable from a third party, that has<br>
> been linked to an older release of openssl.<br>
<br>
</span>Since you can reproduce it with openssl s_client, it probably is more<br>
complicated than that.<br>
<br>
can you provide an ssldump of the failed connection attempt?<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
Lukas<br>
<br>
<br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</div></div></blockquote></div><br></div>