Intermittent SSL Handshake Errors

flechamobile nginx-forum at forum.nginx.org
Fri Jan 15 23:36:54 UTC 2016


Yeah I removed the double blocks and it solved the problem...
The 'possible bug' though is that the problem seems completely random..
instead of giving error all the time sometimes it works and sometimes it
doesn't... Just refreshing the site a few times and it worked..

So it looks like Nginx just randomly picks the cert..

Also SNI is enabled I checked.


B.R. Wrote:
-------------------------------------------------------
> Out of thin air, I suspect it is a certificate problem.
> You seem to have configured *the same* certificate (and private key)
> for
> those 2 domains. Since certificates are generally tied to a single
> domain,
> that could explain errors.
> 
> Another idea: have you checked nginx has been built with SNI support
> and
> you client also supports it? Problems with SNI would mean the default
> server certificate (since you did not define a default server for your
> IP
> address/port pair, nginx would pick up the first block containing a
> 'listen' directive configured for it) would be presented whatever
> domain
> you are trying to access, ending up with certificate/domain mismatch.
> See http://nginx.org/en/docs/http/configuring_https_servers.html.
> ---
> *B. R.*
>

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,256373,263987#msg-263987



More information about the nginx mailing list