Bug re: openssl-1.0.1

Peter Fraser petros.fraser at gmail.com
Tue Jan 6 22:46:12 UTC 2015

Hi. Thanks for replying.
I read it in two places. Here are the links.

The full error is this: *peer closed connection in SSL handshake while SSL
handshaking, client: <client_IP>, server: <Server_FQDN> request: "POST
HTTP/1.1", upstream:
host: "<SERVER_FQDN>"*

produced with debugging enabled.

If I run *openssl s_client -connect <SERVER_IP:443*  I get:
675508300:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 307 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

If I run

*openssl s_client -connect <SERVER_IP:443 -SSL3 the connection works but it
won't work from nginx even when I enable SSLv3.*

*Hope I provided enough info. If not please let me know.*

On Tue, Jan 6, 2015 at 5:09 PM, Lukas Tribus <luky-37 at hotmail.com> wrote:

> > Hi All
> > I'm trying to use nginx to also proxy to owa. I am getting the error
> > peer closed connection in SSL handshake while SSL handshaking to upstream
> >
> > I have read that this is due to a bug and that the solution is to
> > downgrade to openssl 1.0
> Where did you read that? From the information you provided, there
> is no way to understand the issue here at all.
> Reproduce this with nginx in debug mode, post the output and better
> yet, post an ssldump sample of the failed handshake as well.
> Lukas
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20150106/4fe38370/attachment.html>

More information about the nginx mailing list