Ssl hand shake with upstream url

Hi,

I am getting ssl hand shake error. upstream server is running on 443
port.
Enabled the debug in nginx.
And the configuration is as follows.

upstream backends {
server xyz.elb.amazonaws.com:443;
}
server {
listen 80;
server_name xyz-.elb.amazonaws.com;
location / {

            proxy_set_header Host $host;
            proxy_set_header Accept-Encoding "";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Server $host;
            proxy_ssl_session_reuse off;
            proxy_pass https://backends;

}

2014/09/18 05:14:57 [debug] 2460#0: posix_memalign: 0000000000DCE430:256
@16
2014/09/18 05:14:57 [debug] 2460#0: *6 accept: xx.xx.xx.xx fd:16
2014/09/18 05:14:57 [debug] 2460#0: *6 event timer add: 16:
60000:1411017357143
2014/09/18 05:14:57 [debug] 2460#0: *6 reusable connection: 1
2014/09/18 05:14:57 [debug] 2460#0: *6 epoll add event: fd:16 op:1
ev:80000001
2014/09/18 05:14:57 [debug] 2460#0: post event 0000000000DF5110
2014/09/18 05:14:57 [debug] 2460#0: delete posted event 0000000000DF5110
2014/09/18 05:14:57 [debug] 2460#0: accept on 0.0.0.0:80, ready: 0
2014/09/18 05:14:57 [debug] 2460#0: posix_memalign: 0000000000DCE540:256
@16
2014/09/18 05:14:57 [debug] 2460#0: *7 accept: xx.xx.xx.xx fd:17
2014/09/18 05:14:57 [debug] 2460#0: *7 event timer add: 17:
60000:1411017357146
2014/09/18 05:14:57 [debug] 2460#0: *7 reusable connection: 1
2014/09/18 05:14:57 [debug] 2460#0: *7 epoll add event: fd:17 op:1
ev:80000001
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event
0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: -1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_get_error: 2
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event
0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 0
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: -1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_get_error: 2
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 post event 0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event
0000000000E08A58
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL: TLSv1.2, cipher:
“ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128)
Mac=AEAD”
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream send request
2014/09/18 05:14:57 [debug] 2460#0: *1 chain writer buf fl:1 s:390
2014/09/18 05:14:57 [debug] 2460#0: *1 chain writer in: 0000000000DD7470
2014/09/18 05:14:57 [debug] 2460#0: *1 malloc: 0000000000E2F450:80
2014/09/18 05:14:57 [debug] 2460#0: *1 malloc: 0000000000E1C130:16384
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL buf copy: 390
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL to write: 390
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_write: 390
2014/09/18 05:14:57 [debug] 2460#0: *1 chain writer out:
0000000000000000
2014/09/18 05:14:57 [debug] 2460#0: *1 event timer del: 9: 1411017357134
2014/09/18 05:14:57 [debug] 2460#0: *1 event timer add: 9:
60000:1411017357151
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream process header
2014/09/18 05:14:57 [debug] 2460#0: *1 malloc: 0000000000DCE650:8192
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_read: -1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_get_error: 2
2014/09/18 05:14:57 [debug] 2460#0: *1 delete posted event
0000000000DF5248
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream request: “/?”
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream process header

What is going wrong?

Hello!

On Thu, Sep 18, 2014 at 11:02:18AM +0530, thunder hill wrote:

Hi,

I am getting ssl hand shake error. upstream server is running on 443 port.
Enabled the debug in nginx.
And the configuration is as follows.

[…]

2014/09/18 05:14:57 [debug] 2460#0: *1 SSL handshake handler: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL_do_handshake: 1
2014/09/18 05:14:57 [debug] 2460#0: *1 SSL: TLSv1.2, cipher:
“ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128)
Mac=AEAD”
2014/09/18 05:14:57 [debug] 2460#0: *1 http upstream send request

[…]

What is going wrong?

There is nothing wrong in the debug log provided. SSL connection
was successfully established using the TLS 1.2 protocol,
ECDHE-RSA-AES128-GCM-SHA256 cipher suite.


Maxim D.
http://nginx.org/