SSL handshake failed with mutual TLS

Andrey Novikov envek at
Wed Jun 22 19:30:49 UTC 2016

Thank everyone for advices.

I have server certificate (first) and Intermediate CA certificate
(second) in bundle file specified in `ssl_certificate` directive.
I have Intermediate CA certificate (first) and Root CA certificate
(second) in bundle file specified in `ssl_client_certificate`.

Both server and client certificate are issued by this intermediate CA
certificate, command

    openssl verify -verbose -CAfile ca.bundle.crt client.crt


    client.crt: OK

I can successfully connect to my server with curl (using server's
certificate itself as client cert) and browser. One system can access
it with own client certificate (issued by the same intermediate), and
problematic one can't.

I will ask for problematic client's logs, not sure that it can help.

Unfortunately my Nginx is located in private network and neither
accessible from Internet nor have access to Internet. So I can't use
Qualys SSL Test. Any tests I can do with preinstalled in RHEL 7 curl
and openssl?

More information about the nginx mailing list