ssl hand shake with upstream url

thunder hill thunderhill4 at gmail.com
Thu Sep 18 05:32:18 UTC 2014


Hi,

I am getting ssl hand shake error. upstream server is running on 443 port.
Enabled the debug in nginx.
And the configuration is as follows.

upstream backends {
   server xyz.elb.amazonaws.com:443;
}
server {
   listen              80;
      server_name         xyz-.elb.amazonaws.com;
   location / {

                proxy_set_header Host $host;
                proxy_set_header Accept-Encoding "";
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-Server $host;
                proxy_ssl_session_reuse off;
                proxy_pass https://backends;
}



2014/09/18 05:14:57 [debug] 2460#0: posix_memalign: 0000000000DCE430:256 @16
2014/09/18 05:14:57 [debug] 2460#0: *6 accept: xx.xx.xx.xx fd:16
2014/09/18 05:14:57 [debug] 2460#0: *6 event timer add: 16:
60000:1411017357143
2014/09/18 05:14:57 [debug] 2460#0: *6 reusable connection: 1
2014/09/18 05:14:57 [debug] 2460#0: *6 epoll add event: fd:16 op:1
ev:80000001
2014/09/18 05:14:57 [debug] 2460#0: post event 0000000000DF5110
2014/09/18 05:14:57 [debug] 2460#0: delete posted event 0000000000DF5110
2014/09/18 05:14:57 [debug] 2460#0: accept on 0.0.0.0:80, ready: 0
2014/09/18 05:14:57 [debug] 2460#0: posix_memalign: 0000000000DCE540:256 @16
2014/09/18 05:14:57 [debug] 2460#0: *7 accept: xx.xx.xx.xx fd:17
2014/09/18 05:14:57 [debug] 2460#0: *7 event timer add: 17:
60000:1411017357146
2014/09/18 05:14:57 [debug] 2460#0: *7 reusable connection: 1
2014/09/18 05:14:57 [debug] 2460#0: *7 epoll add event: fd:17 op:1
ev:80000001
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event 0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: -1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_get_error: 2
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event 0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 0
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: -1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_get_error: 2
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event 0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL: TLSv1.2, cipher:
"ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128)
Mac=AEAD"
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream send request
2014/09/18 05:14:57 [debug] 2460#0: *1 chain writer buf fl:1 s:390
2014/09/18 05:14:57 [debug] 2460#0: *1 chain writer in: 0000000000DD7470
2014/09/18 05:14:57 [debug] 2460#0: *1 malloc: 0000000000E2F450:80
2014/09/18 05:14:57 [debug] 2460#0: *1 malloc: 0000000000E1C130:16384
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL buf copy: 390
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL to write: 390
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_write: 390
2014/09/18 05:14:57 [debug] 2460#0: *1 chain writer out: 0000000000000000
2014/09/18 05:14:57 [debug] 2460#0: *1 event timer del: 9: 1411017357134
2014/09/18 05:14:57 [debug] 2460#0: *1 event timer add: 9:
60000:1411017357151
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream process header
2014/09/18 05:14:57 [debug] 2460#0: *1 malloc: 0000000000DCE650:8192
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_read: -1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_get_error: 2
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event 0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream request: "/?"
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream process header

What is going wrong?


--
T
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140918/1ff13ea5/attachment-0001.html>


More information about the nginx mailing list