nginx SSL_do_handshake() failed
Nicholas Wieland
ngw at nofeed.org
Fri Nov 27 15:54:29 UTC 2015
it's the first time I configure an SSL certificate on my development machine (I'm no sysadmin - I need SSL to work with facebook). I decided to go with ngingx proxying a ruby sinatra application, nothing fancy.
This is the error I get when Facebook tries to connect to my HTTP server. AFAIK nginx is the culprit here:
2015/11/26 15:42:03 [info] 42872#0: *3 SSL_do_handshake() failed (SSL: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:SSL alert number 48) while SSL handshaking, client: 31.13.113.70, server: 0.0.0.0:4567
This is what I did:
Downloaded the cert (a .key, a .crt and a .csr) from RapidSSL
Downloaded the trusted cert from RapidSSL (https://knowledge.rapidssl.com/library/VERISIGN/ALL_OTHER/RapidSSL%20Intermediate/RapidSSL_CA_bundle.pem) and saved locally under /etc/ssl/cert/
Installed locally nginx and configured like this: https://gist.github.com/ngw/f97adc4194b08ea355c8
Restarted both nginx and puma respectively on port 4567 and 8080
Went to https://sandbox.thing.it, the app responded as expected, the connection was encrypted and the certificate appears to be the correct one.
Went to Facebook and attempted to register a new page subscription (https://developers.facebook.com/docs/graph-api/webhooks/v2.2). Had the error reported on the top (SSL_do_handshake() failed) when Facebook attempted to validate my callback url
Any suggestion?
Thanks for your time,
ngw
More information about the nginx
mailing list