Random SSL Handshake Errors

We’re currently trying to get an nginx proxy connecting to an apache
backend with end-to-end SSL up and running.

Unfortunately we’re randomly receiving 502 Bad Gateway errors from nginx
(I’d say about 10% of the time). We traced it back to a bad SSL
Handshake where the nginx server sends back a TLS alert 21 (Decrypt
Error) to the apache server.

Nginx is currently running version 0.8.29 with OpenSSL 0.9.8g, and the
apache back end is using apache 1.3.41 and OpenSSL 0.9.8k.

Any help would be greatly appreciated.


On Sat, Jan 30, 2010 at 12:48 PM, Todd Y. [email protected]

I would start with updating nginx and openssl.

Also note that nginx is not a general proxy, and specifically, is not
a forward proxy. Connecting nginx over SSL through the internet is
not what it is best at.

– Merlin