SSL renegotiation probelm using nginx as reverse proxy to apache
Jonathan Matthews
contact at jpluscplusm.com
Fri Apr 4 08:32:37 UTC 2014
On 4 Apr 2014 01:57, "sean_at_stitcher" <nginx-forum at nginx.us> wrote:
> I'm not sure I understand why apache wants to renegotiate with nginx, nor
> why nginx doesn't seem to want to do it (despite apache thinking it can.)
I vaguely recall seeing (on this list) the suggestion that Apache does this
(at least) when a request's post-SSL-negotiation, HTTP/layer-7 details
change Apache's idea of where/how the request should be handled. If that's
happening here, perhaps Apache is seeing your SSL* settings in different
vhosts as being different - even though they aren't really.
What happens if you move the SSL* directives up a level? Maybe not the
on/off flag - just the cipher/cert/key/info ones.
HTH,
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140404/cc167a9a/attachment.html>
More information about the nginx
mailing list