Hello, Recent am vazut prin logurile unui nginx niste dude SSL-related de forma urmatoare:
[info] 31178#0: *25677410 SSL_do_handshake() failed (SSL: error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected message) while SSL handshaking, client: foo, server: bar [info] 31180#0: *25678494 SSL_do_handshake() failed (SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol) while SSL handshaking, client: foo, server: bar [info] 31177#0: *25696675 SSL_do_handshake() failed (SSL: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired) while SSL handshaking, client: foo, server: bar [info] 31179#0: *25697985 SSL_do_handshake() failed (SSL: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown) while SSL handshaking, client: foo, server: bar [info] 31177#0: *25694676 SSL_do_handshake() failed (SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate) while SSL handshaking, client: foo, server: bar Clientii sunt destul de variati si par sa fie destul de legitimi (adica nu vreun scanbot chinezesc scris cu picioarele). Globul de cristal al lui Google e putin in ceata, zice ceva de o optiune proxy_ssl_session_reuse pe care n-o prea gasesc documentata si de alti omuleti care au probleme intermitente similare, fara vreun raspuns foarte clar. La mine nginx functioneaza ca load balancer si ssl offloader (adica backendurile apache sunt pe http, iar nginx prezinta un socket https clientilor),configuratie care pare sa semene cu a altora cu problema asta. Ii spun treburile astea ceva mai mult cuiva? Thanks, -- Petre. _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
