Hi Josh,
There are bugs in OpenSSL 1.0.1e that could trigger this which is why I
asked. The two other things I would suggest trying are:
1. Look again at your cipher list, missing important ones out can
trigger this error, especially with ssl_prefer_server_ciphers set.
Judging by the quick s
Hi Andrew,
To clarify the setup earlier,
I continued to use the Ubuntu compiled version of NGINX from apt-get.
The specific procedure I used to change the lib that NGINX would load
was by replacing the libssl.so.1.0.0 and libcrypto.so.1.0.0 files in the
path referenced by ldd for the NGINX bi
Hi Josh,
When you installed the newer OpenSSL did you recompile NGINX to use the
newer version? If not then it may still have been using the older
OpenSSL with this bug in it. It is likely to be pinned to a specific
version. You can check by running "ldd" on your NGINX binary.
Kind Regards
A
Recently I tried setting up a basic nginx reverse proxy in production on
Ubuntu 14.04 using their default supported version of nginx 1.4.6.
Basic config as follows:
server {
listen 127.0.0.1:443;
server_name myhost.ca;
ssl on;
ssl_certificate /etc/nginx/certs/cert.chained.with
