Secure connection failed on Firefox

joseph-pg nginx-forum at forum.nginx.org
Sat Oct 7 16:27:33 UTC 2017


Maxim Dounin Wrote:
-------------------------------------------------------
> Hello!
[...]
> The message suggests that the file in question was non-atomically 
> modified while being served.  It is expected that such a 
> modification will lead to a fatal error if nginx will be able to 
> detect the problem.  If it won't, likely the client will get a 
> garbage with a mix of original and new contents of the file.
> 
> The only safe approach is to modify files atomically, that is, 
> create a new file and then use mv (the rename() syscall) to move 
> it atomically to the appropriate place.  It might not be trivial 
> or even possible to do this correctly on Windows though[1].
> 
> Additionally, it looks like you are using open_file_cache.  It is 
> actually a very bad idea if you modify files in-place, as it 
> greatly expands the race window between opening and stat()'ing the 
> file and serving its contents.  Remove open_file_cache from the 
> configuration unless you are sure all file modifications are 
> atomic.
> 
> [1]
> https://stackoverflow.com/questions/167414/is-an-atomic-file-rename-wi
> th-overwrite-possible-on-windows
> 
> -- 
> Maxim Dounin
> http://nginx.org/
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


Thanks, Maxim. I removed it and the problem disappears.

--

Joseph Aditya P. G.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,276738,276761#msg-276761



More information about the nginx mailing list