Hi,
I'm glad to announce a new release of NGINX Unit.
Our two previous releases were thoroughly packed with new features and
capabilities, but Unit 1.21.0 isn't an exception either. This is our
third big release in a row, with only six weeks since the previous one!
Perhaps, the most notable fea
Hi,
CVE-2019-20372 mentioned a security vulnerability, but I don't see it in
http://nginx.org/en/security_advisories.html
Does that mean CVE-2019-20372 is not considered a security vulnerability by
nginx? Or is it because nginx standard config won't be vulnerable, and
users have to enable error_lo
Thomas - Executed
o ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher: ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
BEEDB7A167EC486D98CFAFBDA541DDB308B27BFCF9D5732599DEDB1A3E2D45B2
Session-ID-ctx:
Master-Key:
5E7AD6C866CEAAC0AE0868858ADDE392406533185DFD5CE7BCA7E12E7FE6A5
Is your nginx system a Linux one? If so, then you can do something like
this:
`openssl s_client -connect localhost:443`
from the nginx box and see what handshake errors you're getting.
Thomas
On 11/19/20 2:03 PM, sachingp wrote:
Hi Thomas - We are using digicert, I don't have access to the
Hi Thomas - We are using digicert, I don't have access to the client logs,
what more I can do to go deeper
Sachin
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,290009,290013#msg-290013
___
nginx mailing list
nginx@nginx.org
http://mailman
Provide SSL logs from the client side - if you can, using OpenSSL and
its `s_connect` framework or similar to get the actual SSL handshake
errors/logs. Chances are something's wrong with the handshake or your
cert. (since I can't scan your infra directly yourself, you'll have to
get detailed
Hi - We are using Nginx as a reverse proxy with SSL as a termination point
Call flow
Network Load Balancer (TCP) --> Nginx(SSL Termination) --> Vertx Servers
(HTTP)
This is the config we use, fairly standard
upstream xyz {
server 127.0.0.1:8080;
keepalive 4096;
}
server {
l
Hi - We are using Nginx as a reverse proxy with SSL as a termination point
Call flow
Network Load Balancer (TCP) --> Nginx(SSL Termination) --> Vertx Servers
(HTTP)
This is the config we use, fairly standard
upstream xyz {
server 127.0.0.1:8080;
keepalive 4096;
}
server {
l
