2018/03/16 13:29:25 [info] 24306-sharp24306: *3 client timed out (110: Connection timed out) while SSL handshaking, client: x.x.x.x, server: 0.0.0.0:443
see this error in nginx"s error log, and it"s strange that nginx"s log level shows that it"s [info] level.
however, I can"t connect to the website under some IP, but the amazing thing is that I can connect with an agent, and I can connect directly under most networks. what"s the reason for this?
I"ve tested that it should have nothing to do with the back end, even if it"s just static pages.
ssl configuration of nginx:
server {
listen *:443 ssl http2;
listen [::]:443 ssl http2;
server_name xxx.com;
ssl on;
ssl_certificate /ssl/letsencrypt/chained.pem;
ssl_certificate_key /ssl/letsencrypt/domain.key;
ssl_dhparam /ssl/letsencrypt/dhparams.pem;
ssl_trusted_certificate /ssl/letsencrypt/full_chained.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_prefer_server_ciphers on;
-sharp ssl_stapling on;
-sharp ssl_stapling_verify on;
}
later, even if I only keep
ssl on;
ssl_certificate /ssl/letsencrypt/chained.pem;
ssl_certificate_key /ssl/letsencrypt/domain.key;
these necessary configurations do not work either.
Certificate is a certificate of letsencrypt, and there are multiple https sites on the server
analyze the possible cause of this exception from the error report, or provide some ideas for debug troubleshooting. Thank you