SSL + Large file uploads (3GB+)

Server NGINX
1

Hello,

I’m having problems uploading large files (3GB) to a server with SSL
enabled. I’m using nginx 1.4.2 + passenger. Files around 1GB large work
fine.

My /tmp mount is large enough to handle files of that size. I guess I’m
missing something. I read about a SSLRenegBufferSize parameter for the
apache server - is there a similar directive for nginx that I’m missing?
I
appreciate any hints.

My nginx configuration:
nginx version: nginx/1.4.1
built by gcc 4.4.5 (Debian 4.4.5-8)
TLS SNI support enabled
configure arguments: --prefix=/opt/nginx --with-http_ssl_module
–with-http_gzip_static_module --with-cc-opt=-Wno-error
–add-module=/usr/local/rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19/ext/nginx

Here is the curl output that I get when trying to post a 3GB+ file:

curl -v -X POST -d @BIG_TEST_ARCHIVE_3.zip https://shared.com

  • About to connect() to shared.com port 443 (#0)
  • Trying 199.58.85.103…
  • connected
  • Connected to shared.com (199.58.85.103) port 443 (#0)
  • SSLv3, TLS handshake, Client hello (1):
  • SSLv3, TLS handshake, Server hello (2):
  • SSLv3, TLS handshake, CERT (11):
  • SSLv3, TLS handshake, Server key exchange (12):
  • SSLv3, TLS handshake, Server finished (14):
  • SSLv3, TLS handshake, Client key exchange (16):
  • SSLv3, TLS change cipher, Client hello (1):
  • SSLv3, TLS handshake, Finished (20):
  • SSLv3, TLS change cipher, Client hello (1):
  • SSLv3, TLS handshake, Finished (20):
  • SSL connection using DHE-RSA-AES256-SHA
  • Server certificate:
  • subject: OU=Domain Control Validated; CN=shared.com
  • start date: 2013-05-06 12:15:19 GMT
  • expire date: 2016-05-06 12:15:19 GMT
  • subjectAltName: shared.com matched
  • issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.;
    OU=Sign In; CN=Go Daddy Secure
    Certification Authority; serialNumber=07969287
  • SSL certificate verify ok.

POST / HTTP/1.1
User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0
OpenSSL/0.9.8x zlib/1.2.5
Host: shared.com
Accept: /
Content-Length: 1590530720
Content-Type: application/x-www-form-urlencoded
Expect: 100-continue

< HTTP/1.1 100 Continue

  • SSL read: error:00000000:lib(0):func(0):reason(0), errno 60
  • Closing connection #0
    curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 60

Posted at Nginx Forum:

2

Hello!

On Wed, Jul 10, 2013 at 10:40:49AM -0400, FSC wrote:

curl -v -X POST -d @BIG_TEST_ARCHIVE_3.zip https://shared.com

[…]

  • SSL read: error:00000000:lib(0):func(0):reason(0), errno 60
  • Closing connection #0
    curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 60

Provided curl output suggests the problem is in curl, note
“Content-Length: 1590530720”.


Maxim D.
http://nginx.org/en/donation.html

3

At the end of the day the cause was a timeout due to long processing in
the
background.

Thanks for having a look anyways!

Posted at Nginx Forum: