Nginx SSL Handshake Error
Question
I am getting following error in my server log :
[crit] 915#0: *46701 SSL_do_handshake() failed (SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate fallback) while SSL handshaking, client: 187.50.199.66, server: 0.0.0.0:443
What does it mean ? How can I solve it ?
Please help me.
1 answers
solution1
2 2015-03-02 19:37:15
It looks, as it's connected with security bug in OpenSSL . It's nothing to do with YOUR nginx configuration. It's just indicating that your server has client which inproperly handles SSL handshakes.
What is SSL handshake?
Basically it's exchanging some messages between client and server at the beggining of each session. It consists of 6 phases:
- Client Hello
- Server Hello
- Authentication and Pre-Master Secret
- Decryption and Master Secret
- Generate Session Keys
- Encryption with Session Key
Read more at http://www.symantec.com/connect/blogs/how-does-ssl-work-what-ssl-handshake
To sum up - your server is raising this warning to indicate that some client is (un)intentionally breaking this procedure (for example, prematurely ending connection, or trying to open it several times in one session.
How to solve it?
If you really want to get rid of this message (it's not recommended) you can change level of error logging 9in your nginx.conf file), to something like:
error_log logs/error.log alert;
*available levels are: debug | info | notice | warn | error | crit | alert | emerg
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.