Intermittent SSL Handshake Errors

Etienne Champetier champetier.etienne at gmail.com
Sat Jan 31 20:24:44 UTC 2015


Hi

Le 31 janv. 2015 20:02, "Richard Stanway" <r1ch+nginx at teamliquid.net> a
écrit :
>>
>> ...
>> 2015/01/13 12:22:59 [crit] 11871#0: *140260577 SSL_do_handshake()
>> failed (SSL: error:1408A0D7:SSL
>> routines:SSL3_GET_CLIENT_HELLO:required cipher missing) while SSL
>> handshaking, client: *.*.*.*, server: 0.0.0.0:443
>>
>
> According to the openssl code, this occurs when a client attempts to
resume a session that had made use of previously-enabled ciphers. If you're
changing your allowed ciphers frequently this could be why, otherwise a
full cycle of nginx to empty out the session cache seems like it should
resolve this.
>

Reading Richard reply, maybe the client try to resume the session on a
different server? (If you can check the logs to see where were the client
before the error)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20150131/2be033ee/attachment-0001.html>


More information about the nginx mailing list