Welcome! Log In Create A New Profile

RE: Intermittent SSL Handshake Errors

Forum List Message List New Topic Print View

Lukas Tribus

February 03, 2015 03:42PM

> I just finished running an experiment that has shed some light on the issue.
> It has not yet been solved though.
>
> I setup another nginx server with the same configuration with an upstream
> app that always responds with HTTP 200. I included JS on each page load in
> production to make a single request to this server.
>
> I ran tcpdump on the test server and what I found was very interesting.
> Client connections producing the above "inappropriate fallback" on the test
> server all appear to do some form of the following:
>
> (Client and Server successfully complete 3-way handshake)
> Client: Client Hello TLSv1.2
> Server: RST
> Client: ACK
> Server: RST
> (Client and Server successfully complete 3-way handshake)
> Client: Client Hello TLSv1.1
> Server: RST
> Client: ACK
> Server: RST
> (Client and Server successfully complete 3-way handshake)
> Client: Client Hello TLSv1.0
> Server: Encrypted Alert (Content Type: Alert (21))
> (Client sends RST, which the server acknowledges, and the connection ends)

Can you reliably reproduce this with specific client software or networks? Can
you upload a pcap file this failed handshake somewhere for further inspection?

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Intermittent SSL Handshake Errors	Eric R.	January 31, 2015 01:06PM
Re: Intermittent SSL Handshake Errors	Richard Stanway	January 31, 2015 02:04PM
Re: Intermittent SSL Handshake Errors	Etienne Champetier	January 31, 2015 03:26PM
Re: Intermittent SSL Handshake Errors	ericr	February 02, 2015 02:56PM
Re: Intermittent SSL Handshake Errors	tempspace	February 02, 2015 03:26PM
Re: Intermittent SSL Handshake Errors	ericr	February 03, 2015 01:18PM
Re: Intermittent SSL Handshake Errors	tempspace	February 03, 2015 02:04PM
Re: Intermittent SSL Handshake Errors	ericr	February 03, 2015 09:42PM
Re: Intermittent SSL Handshake Errors	tempspace	February 03, 2015 09:48PM
RE: Intermittent SSL Handshake Errors	Lukas Tribus	February 03, 2015 03:42PM
Re: RE: Intermittent SSL Handshake Errors	ericr	February 06, 2015 01:49PM
RE: Intermittent SSL Handshake Errors	Lukas Tribus	February 06, 2015 06:32PM
Re: Intermittent SSL Handshake Errors	ankneo	March 20, 2015 01:57PM
Re: Intermittent SSL Handshake Errors	tempspace	March 20, 2015 02:15PM
Re: Intermittent SSL Handshake Errors	ankneo	March 26, 2015 02:41PM
Re: Intermittent SSL Handshake Errors	ywarnier	April 18, 2015 05:31PM
Re: Intermittent SSL Handshake Errors	DrMickeyLauer	May 08, 2015 10:49AM
Re: Intermittent SSL Handshake Errors	Maxim Dounin	March 21, 2015 10:54AM
Re: Intermittent SSL Handshake Errors	tempspace	March 21, 2015 11:50AM
Re: Intermittent SSL Handshake Errors	tempspace	March 21, 2015 11:59AM
Re: Intermittent SSL Handshake Errors	Maxim Dounin	March 21, 2015 09:14PM
Re: Intermittent SSL Handshake Errors	flechamobile	July 12, 2015 12:33PM
Re: Intermittent SSL Handshake Errors	B.R.	July 12, 2015 01:40PM
Re: Intermittent SSL Handshake Errors	flechamobile	January 15, 2016 06:36PM
Re: Intermittent SSL Handshake Errors	flechamobile	January 15, 2016 06:41PM
Re: Intermittent SSL Handshake Errors	piyushmalhotra	February 11, 2016 01:26PM
Re: Intermittent SSL Handshake Errors	tempspace	July 14, 2015 09:58PM
Re: Intermittent SSL Handshake Errors	Maxim Dounin	July 15, 2015 12:10PM
Re: Intermittent SSL Handshake Errors	piyushmalhotra	January 11, 2016 02:13PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 286

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018