Problem with ECC certificates

Maxim Dounin mdounin at
Fri May 9 01:06:08 UTC 2014


On Wed, May 07, 2014 at 08:30:37PM +0200, Markus Weippert wrote:

> On 04.05.2014 16:52, Markus Weippert wrote:
> > I'm having some strange issues using nginx 1.6 with ECC certs.
> > Handshakes fail for clients using TLSv1.2 and SNI but only if the
> > requested server block is not the default_server.
> Had a further look into that. The problem seems to occur if nginx is
> built against openssl shipped with Ubuntu 12.04. The official repository
> version of nginx is also affected.
> Compiling nginx with the latest upstream release works as expected.
> Also, no problems on Ubuntu 13.10.

The "SSL3_SEND_SERVER_KEY_EXCHANGE:internal error" message comes 
from OpenSSL, so it looks like the problem is OpenSSL version 

Maxim Dounin

More information about the nginx mailing list