Peer closed connection in SSL handshake
tory
nginx-forum at forum.nginx.org
Wed Jun 14 13:59:18 UTC 2017
Hello.
I want to authenticate my server using certificates on my hardware.
I have created a private certificate with openssl and have completed the
connection test without errors in the browser.
This is the setting for nginx.
server {
listen 14443;
listen [::]:14443;
ssl on;
ignore_invalid_headers off;
proxy_ssl_server_name on;
server_name cert.mydomain.com;
root /var/service/auth;
index index.html;
#include /etc/nginx/mime.types;
error_log /var/log/nginx/auth_ssl_err.log debug;
access_log /var/log/nginx/auth_ssl_acc.log;
ssl_certificate /etc/nginx/ssl/private/server.crt;
ssl_certificate_key /etc/nginx/ssl/private/server_key.pem;
ssl_client_certificate /etc/nginx/ssl/private/ca.crt;
ssl_verify_client on;
ssl_verify_depth 2;
ssl_session_cache shared:SSL:5m;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
if ($request_method !~ ^(GET|HEAD|PUT|POST|DELETE|OPTIONS)$ ){
return 405;
}
location / {
proxy_pass http://localhost:8880;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header cert-expire $ssl_client_v_end;
proxy_set_header cert-dn $ssl_client_s_dn;
proxy_redirect default;
}
}
I get an error when I connect to the server with a user certificate (crt
file) on my hardware.
Peer closed connection in SSL handshake (104: Connection reset by peer)
while SSL handshaking, client: 222.110.133.193, server: 0.0.0.0:14001
Please help me with what is wrong.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,274863,274863#msg-274863
More information about the nginx
mailing list