SSL Handshake Failure with error:1407609B:SSL in error logs
Maxim Dounin
mdounin at mdounin.ru
Wed Jul 4 17:04:59 UTC 2018
Hello!
On Wed, Jul 04, 2018 at 03:31:59AM -0400, shivramg94 wrote:
> We are trying to configure TCP load balancing with TLS termination. But when
> we try to access the URL, we could see the below error in the nginx error
> and access logs
>
> Nginx Error Log:
>
> 2018/07/04 07:16:45 [crit] 7944#0: *61 SSL_do_handshake() failed (SSL:
> error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request)
> while SSL handshaking, client: XX.XXX.XX.XX, server: 0.0.0.0:443
>
> Nginx Access Log:
>
> 10.90.241.125 - - [04/Jul/2018:07:24:55 +0000] TCP 500 0 0 0.000 "-"
>
> The nginx.conf file looks like this
>
> stream {
> log_format sample '$remote_addr - - [$time_local] $protocol $status
> $bytes_sent $bytes_received $session_time "$upstream_addr"';
> upstream backends {
> server sample-domain-name.com:443;
> }
> server {
> listen 443 ssl;
> access_log /etc/access_logs/tcp_access_log sample;
> ssl_certificate Certificate_PATH;
> ssl_certificate_key Private_Key_Path;
> proxy_ssl off;
> proxy_pass backends;
> }
> }
The error in question means that OpenSSL encountered "CONNE..."
string instead of an SSL ClientHello message. That is, it looks
like you are trying to talk to nginx without SSL, while you've
configured it to expect SSL on the socket in question.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list