Hello. We recently renewed our SSL certificate. After reloading nginx the number of connections increased significantly even if the number of requests remained the same.
Trying out the debug log there are a lot of entries similar to the following: accept: 153.185.223.172:59011 fd:5 event timer add: 5: 60000:1409550689995 reusable connection: 1 epoll add event: fd:5 op:1 ev:80002001 post event 00007FF5AB84F280 delete posted event 00007FF5AB84F280 http check ssl handshake http recv(): 1 https ssl handshake: 0x80 SSL_do_handshake: -1 SSL_get_error: 2 reusable connection: 0 post event 00007FF5AB84F280 delete posted event 00007FF5AB84F280 SSL handshake handler: 0 SSL_do_handshake: 0 SSL_get_error: 1 SSL_do_handshake() failed (SSL: error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error:SSL alert number 51) while SSL handshaking, client: 153.185.223.172, server: 0.0.0.0:443 close http connection: 5 SSL_shutdown: 1 event timer del: 5: 1409550689995 reusable connection: 0 free: 0000000001DE0DF0, unused: 0 free: 0000000001E15510, unused: 136 Our SSL certificate is a Positive SSL Wildcard from Comodo. Output of nginx -V: nginx version: openresty/1.7.2.1 built by gcc 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) TLS SNI support enabled configure arguments: --prefix=/usr/local/openresty/nginx --with-debug --with-cc-opt='-DNGX_LUA_USE_ASSERT -DNGX_LUA_ABORT_AT_PANIC' --add-module=../ngx_devel_kit-0.2.19 --add-module=../echo-nginx-module-0.54 --add-module=../xss-nginx-module-0.04 --add-module=../ngx_coolkit-0.2rc1 --add-module=../set-misc-nginx-module-0.24 --add-module=../form-input-nginx-module-0.09 --add-module=../encrypted-session-nginx-module-0.03 --add-module=../srcache-nginx-module-0.28 --add-module=../ngx_lua-0.9.10 --add-module=../ngx_lua_upstream-0.02 --add-module=../headers-more-nginx-module-0.25 --add-module=../array-var-nginx-module-0.03 --add-module=../memc-nginx-module-0.15 --add-module=../redis2-nginx-module-0.11 --add-module=../redis-nginx-module-0.3.7 --add-module=../rds-json-nginx-module-0.13 --add-module=../rds-csv-nginx-module-0.05 --with-ld-opt=-Wl,-rpath,/usr/local/openresty/luajit/lib --with-http_stub_status_module --with-http_ssl_module Link to the debug log, with some lines removed for privacy: http://goo.gl/xsJfNz. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,252972,252972#msg-252972 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
