The errors went away, and now the only errors I see in our logs relating to SSL are handshake timeouts when I turn debug logs on.
Now that I think about it, though, isn't this to be expected? The errors immediately went away as soon as I downgraded far enough back to a version of OpenSSL that didn't support TLS_FALLBACK_SCSV. That doesn't address why the connections are getting reset and clients are downgrading in the first place, though. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,256373,256434#msg-256434 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
