[英]Nginx SSL Handshake Error
I am getting following error in my server log : 我在服务器日志中收到以下错误:
[crit] 915#0: *46701 SSL_do_handshake() failed (SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate fallback) while SSL handshaking, client: 187.50.199.66, server: 0.0.0.0:443
[crit] 915#0:* 46701 SSL_do_handshake()失败(SSL:错误:140A1175:SSL例程:SSL_BYTES_TO_CIPHER_LIST:不适当的回退),而SSL握手,客户端:187.50.199.66,服务器:0.0.0.0:443
What does it mean ? 这是什么意思 ? How can I solve it ?
我该如何解决?
Please help me. 请帮我。
It looks, as it's connected with security bug in OpenSSL . 它看起来,因为它与OpenSSL中的安全漏洞有关 。 It's nothing to do with YOUR nginx configuration.
这与你的nginx配置无关。 It's just indicating that your server has client which inproperly handles SSL handshakes.
它只是表明您的服务器具有不正确处理SSL握手的客户端。
What is SSL handshake? 什么是SSL握手?
Basically it's exchanging some messages between client and server at the beggining of each session. 基本上它是在每个会话的开始时在客户端和服务器之间交换一些消息。 It consists of 6 phases:
它由6个阶段组成:
Read more at http://www.symantec.com/connect/blogs/how-does-ssl-work-what-ssl-handshake 有关详细信息, 请访问http://www.symantec.com/connect/blogs/how-does-ssl-work-what-ssl-handshake
To sum up - your server is raising this warning to indicate that some client is (un)intentionally breaking this procedure (for example, prematurely ending connection, or trying to open it several times in one session. 总结一下 - 您的服务器发出此警告以指示某个客户端(非)故意破坏此过程(例如,过早结束连接,或尝试在一个会话中多次打开它。
How to solve it? 怎么解决?
If you really want to get rid of this message (it's not recommended) you can change level of error logging 9in your nginx.conf file), to something like: 如果您真的想要删除此消息(不建议这样做),您可以在nginx.conf文件中更改错误日志记录9),如下所示:
error_log logs/error.log alert;
*available levels are: debug | *可用级别为:debug | info |
信息| notice |
通知| warn |
警告| error |
错误| crit |
暴击| alert |
警报| emerg
EMERG
http://nginx.org/en/docs/ngx_core_module.html#error_log http://nginx.org/en/docs/ngx_core_module.html#error_log
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.