I am facing the same issue on my Debian 7 Server. I downgraded to 1.0.1e-2+deb7u12 version of libssl1.0.0 and restarted nginx but the issue is still occurring for me. I can still see the same logs.
I also tried following these instructions(installed the deb packages made by these instructions) but even these didn't help: apt-get update ; apt-get source libssl1.0.0 > cd openssl-1.0.1e > dquilt pop Support-TLS_FALLBACK_SCSV > dquilt delete Support-TLS_FALLBACK_SCSV > dpkg-source --commit > dpkg-buildpackage Can anybody suggest as to what i can do to fix this? After trying both methods, i restarted nginx by using sudo service nginx restart But i can still see the same error logs. How can i be sure that nginx is picking up the updated libssl and openssl binaries? Is there any way to check if the SSL library which NGINX is using has support for TLS_FALLBACK_SCSV? Posted at Nginx Forum: https://forum.nginx.org/read.php?2,256373,263933#msg-263933 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
