nginx ssl handshake failed
-
게시물 수정 , 삭제는 로그인 필요
nginx와 tomcat 웹/앱을 서비스하고있습니다
최근 크롬브라우저, 안드로이드 웹뷰에서
크롬: "서버에서 잘못된 응답을 전송했습니다",
웹뷰: "웹페이지를 사용할 수 없음"
둘다 SSL_PROTOCOL_ERROR 가 나타납니다.
에러내용:
/var/log/nginx/error.log
---------------------
SSL_do_handshake() failed (SSL: error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early) while SSL handshaking, client: 64.41.200.107, server: 0.0.0.0:443
SSL_read() failed (SSL: error:1408F092:SSL routines:SSL3_GET_RECORD:data length too long) while waiting for request, client: 64.41.200.107, server: 0.0.0.0:443
---------------------
nginx.conf
---------------------
server {
listen 443 ssl;
server_name domain;
ssl on;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.pem;
ssl_password_file /etc/nginx/ssl/cert.pass;
client_max_body_size 20M;
client_body_buffer_size 10M;
ssl_session_timeout 30m;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!RC4;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://domain:port/;
proxy_max_temp_file_size 0;
proxy_buffering off;
}
error_page 403 404 500 502 503 504 /50x.html;
location = /50x.html {
root /home/project/tomcat/;
internal;
}
}
server {
listen 80;
server_name domain;
root /home/project/tomcat/www/;
client_max_body_size 20M;
client_body_buffer_size 10M;
location / {
proxy_pass http://domain:port/;
}
error_page 403 404 500 502 503 504 /50x.html;
location = /50x.html {
root /home/project/tomcat/;
internal;
}
return 301 https://domain;
}
---------------------
추가정보
OS: CentOS release 6.6
nginx -v: nginx/1.10.2
SSL: Sectigo RSA Domain Validation Secure Server CA
nginx와 tomcat 웹/앱을 서비스하고있습니다
최근 크롬브라우저, 안드로이드 웹뷰에서
크롬: "서버에서 잘못된 응답을 전송했습니다",
웹뷰: "웹페이지를 사용할 수 없음"
둘다 SSL_PROTOCOL_ERROR 가 나타납니다.
에러내용:
/var/log/nginx/error.log
---------------------
SSL_do_handshake() failed (SSL: error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early) while SSL handshaking, client: 64.41.200.107, server: 0.0.0.0:443
SSL_read() failed (SSL: error:1408F092:SSL routines:SSL3_GET_RECORD:data length too long) while waiting for request, client: 64.41.200.107, server: 0.0.0.0:443
---------------------
nginx.conf
---------------------
server {
listen 443 ssl;
server_name domain;
ssl on;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.pem;
ssl_password_file /etc/nginx/ssl/cert.pass;
client_max_body_size 20M;
client_body_buffer_size 10M;
ssl_session_timeout 30m;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!RC4;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://domain:port/;
proxy_max_temp_file_size 0;
proxy_buffering off;
}
error_page 403 404 500 502 503 504 /50x.html;
location = /50x.html {
root /home/project/tomcat/;
internal;
}
}
server {
listen 80;
server_name domain;
root /home/project/tomcat/www/;
client_max_body_size 20M;
client_body_buffer_size 10M;
location / {
proxy_pass http://domain:port/;
}
error_page 403 404 500 502 503 504 /50x.html;
location = /50x.html {
root /home/project/tomcat/;
internal;
}
return 301 https://domain;
}
---------------------
추가정보
OS: CentOS release 6.6
nginx -v: nginx/1.10.2
SSL: Sectigo RSA Domain Validation Secure Server CA
#nginx ssl 적용 #nginx ssl 인증서 적용 #nginx ssl 인증서 갱신 #nginx ssl_certificate #nginx ssl 인증서 발급 #nginx ssl_ciphers #nginx ssl_protocols #nginx ssl password #nginx ssl_prefer_server_ciphers #nginx ssl 적용하기