1.0.5 vs 1.0.10

Server NGINX
1

Hi,

I recently copied configuration files that worked correctly in 1.0.5
which no longer work in 1.0.10

I tested using curl: curl -k -H ‘X-Forwarded-For: 1.2.3.4’ -F
[email protected] -F username=user -F password=pass
https://example.com

The response I get is: curl: (35) Unknown SSL protocol error in
connection to example.com:443

Any ideas why this only poses issues in 1.0.10 and not in 1.0.5 ? What
changes are required, or is this a bug?

Configuration:

nginx.conf

server {

include conf.d/*.conf

passenger module

}

conf.d/ssl.conf

server {
listen 443 default ssl;
server_name _;

ssl on;
ssl_certificate path/to/cert;
ssl_certificate_key path/to/key;
ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}

conf.d/app.rb

server {
listen 80;
listen 443;

    log_format  main2  '$remote_addr - $remote_user [$time_local]

“$request” ’
'$status $body_bytes_sent “$http_referer” ’
‘“$request_body” “$http_x_forwarded_for”
“$http_x_forward_for”’ ;
error_log /home//app/log/nginx-error.log;

    server_name example.com;
    root /home/app/public;   # <--- be sure to point to 'public'!
    access_log  /home/app/log/nginx-access.log  main2;
    passenger_set_cgi_param HTTP_X_FORWARDED_FOR

$http_x_forwarded_for;
passenger_enabled on;
}

Posted at Nginx Forum:

2

Hello!

On Thu, Mar 29, 2012 at 05:09:05PM -0400, stormflake wrote:

connection to example.com:443

Any ideas why this only poses issues in 1.0.10 and not in 1.0.5 ? What
changes are required, or is this a bug?

[…]

Most likely you’re hitting this bug, as fixed in nginx 1.0.11:

*) Bugfix: a segmentation fault might occur in a worker process if

SNI
was used; the bug had appeared in 1.0.9.

Upgrade to nginx 1.0.14 or follow the workaround outlined here:

http://trac.nginx.org/nginx/ticket/54#comment:3

Maxim D.

3

thanks!

Posted at Nginx Forum: