SSL_write() failed errors

Palvelin Postmaster postmaster at palvelin.fi
Thu Jul 18 17:03:24 UTC 2019


Hi,

we’re getting random SSL_write() failed errors on seemingly legitimate requests. The common denominator seems to be they are all for static files (images, js, etc.). 

Can anyone help me debug the issue?

Here’s a debug log paste for one incident: https://pastebin.com/ZsbLuD5N

Our architecture is: Amazon ALB > Nginx 1.14 > PHP-FPM 7.3

Some of our possibly relevant nginx config parameters:

        upstream php73 {
        server unix:/run/php/php7.3-fpm.sock max_fails=20 fail_timeout=60;
        }

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 120m;
        ssl_dhparam /etc/nginx/dhparam.pem;
        ssl_ciphers !aNULL:!eNULL:FIPS at STRENGTH; # http://blog.chrismeller.com/configuring-and-optimizing-php-fpm-and-nginx-on-ubuntu-or-debian


        # Caching configuration using 30 days expiration delay for static served files.
        location ~ \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpe?g|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|cur)$ {
                set $location_name static; # Location name
                expires 30d;
                log_not_found off;
                access_log off;
        }



More information about the nginx mailing list