SSL issues with one of the hosts/load balancers in front of openresty.org

pmk · 2017-09-28T11:27:37+00:00

does anyone know of module/package that can verify based on the auth_tkt scheme, or something else that is lightweight? I have not been able to find one.i ba...

SSL issues with one of the hosts/load balancers in front of openresty.org

pmk

Hi all:

We are seeing SSL negotiation failures talking to one of the two IP addresses that are fronting openresty.org (138.68.231.133).

curl reports:

* Trying 138.68.231.133...
* TCP_NODELAY set
* Connected to openresty.org (138.68.231.133) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -12188 (SSL_ERROR_INTERNAL_ERROR_ALERT)
* Peer reports it experienced an internal error.
* Curl_http_done: called premature == 1
* Closing connection 0

and ssllabs.com shows:

Assessment failed: Failed to communicate with the secure server

Best,

Patrick Michael Kane
We Also Walk Dogs
<p...@wawd.com>