Re: Bug re: openssl-1.0.1

2015-01-12 Thread Peter Fraser
Sorry for taking so long to reply. I am running FreeBSD 10.1 RELEASE and its OpenSSL version is OpenSSL 1.0.1j and I installed it from the ports tree (source). Regards On Tue, Jan 6, 2015 at 4:56 PM, Lukas Tribus luky...@hotmail.com wrote: Hi. Thanks for replying. I read it in two places.

Re: Bug re: openssl-1.0.1

2015-01-12 Thread Peter Fraser
You were absolutely correct. It is working now. I changed three things. I firstly forced TLS 1.0, then changed the directive ssl_protocols to proxy_ssl_protocols as you suggested. Finally, I restricted the cipher list as you also mentioned. I had thought that I would leave all that out and tie

RE: Bug re: openssl-1.0.1

2015-01-12 Thread Lukas Tribus
I did an ssldump and this is the conversation between both servers: This ssldump seems incomplete, there is no response. Please post the full ssldump. The bug is probably neither in openssl nor in nginx, but in the origin server (but we don't have the full handshake here). Since nginx 1.5.6,

Re: Bug re: openssl-1.0.1

2015-01-12 Thread Peter Fraser
I did an ssldump and this is the conversation between both servers: New TCP connection #1: nginx.domain.net(46318) - backend.domain.net((443) TCP: nginx.domain.net((46318) - backend.domain.net((443) Seq 54751863.(307) ACK 350741031 PUSH 1 1 1421082336.3009 (0.0012) CSV3.1(302) Handshake

RE: Bug re: openssl-1.0.1

2015-01-06 Thread Lukas Tribus
Hi All I'm trying to use nginx to also proxy to owa. I am getting the error peer closed connection in SSL handshake while SSL handshaking to upstream I have read that this is due to a bug and that the solution is to downgrade to openssl 1.0 Where did you read that? From the

Re: Bug re: openssl-1.0.1

2015-01-06 Thread Peter Fraser
Hi. Thanks for replying. I read it in two places. Here are the links. 1. http://serverfault.com/questions/436737/forcing-a-particular-ssl-protocol-for-an-nginx-proxying-server 2. http://w3facility.org/question/forcing-a-particular-ssl-protocol-for-an-nginx-proxying-server/ The full error is this:

RE: Bug re: openssl-1.0.1

2015-01-06 Thread Lukas Tribus
Hi. Thanks for replying. I read it in two places. Here are the links. 1. http://serverfault.com/questions/436737/forcing-a-particular-ssl-protocol-for-an-nginx-proxying-server 2. http://w3facility.org/question/forcing-a-particular-ssl-protocol-for-an-nginx-proxying-server/

Bug re: openssl-1.0.1

2015-01-06 Thread Peter Fraser
Hi All I'm trying to use nginx to also proxy to owa. I am getting the error *peer closed connection in SSL handshake while SSL handshaking to upstream* I have read that this is due to a bug and that the solution is to downgrade to openssl 1.0 I don't want to downgrade because I would want users

RE: Bug re: openssl-1.0.1

2015-01-06 Thread Lukas Tribus
I guess you are running with an nginx executable from a third party, that has been linked to an older release of openssl. Since you can reproduce it with openssl s_client, it probably is more complicated than that. Can you provide an ssldump of the failed connection attempt? Lukas