Geek Answers Handbook

Nginx error message - what does peer refer to?

To debug the nginx error case, I need to first fully understand the error log message. Our nginx writes a specific error log message from time to time.

Log message

"equivalent connection in SSL handshake (104: reset connection by peer), while SSL connection to upstream."

What is meant by "equal"?

I would like to know if peer refers to the upstream, which means that the upstream closed the connection during an ssl handshake or refers to the client, which means that the client connection was closed when the load balancer and the web server were inside handshake time?

Customization

  • nginx loadbalancer
  • 2 web servers (upstream) working with IIS8
  • Ssl Supplier: Comodo
+4
source share
3 answers

After many hours of debugging, we finally found the actual cause of the problem. The error message was created by a client requesting nginx without a domain, for example. https://11.22.33.44/robots.txt . Then Nginx redirected the request to the IIS server, which did not have default sites associated with https for ip-alone requests.

The conclusion to the original question is that the peer actually refers to the upstream (IIS), since IIS is the one that cuts the connection.

, , nginx , , "" -, - nginx . , IIS .

0

Peer . , , , , SSL (Client → nginx, nginx → upstream), - , nginx

+4

, Comodo .bundle .

.

Click this link for more details.

EDIT

A friend should be at the same level as Nginx, which, since your SSL issues, should be OpenSSL.

I would venture to suggest that your OS is Ubuntu 12.x and that OpenSSL 1.0.1. If so, then the problem is most likely due to a Ubuntu error.

It seems you need to either upgrade to Ubuntu 13.04 or disable TLS 1.1.

Click this link for more details.

In any case, the peer is not upward.

+1
source

More articles:


All Articles