Migrating from Apache to Nginx with SSL Configuration Challenges in a Linux Environment
I'm maintaining legacy code that I'm stuck trying to I've been struggling with this for a few days now and could really use some help. Quick question that's been bugging me - Quick question that's been bugging me - Currently migrating our web application from Apache to Nginx on an Ubuntu 20.04 server... We aim to improve performance and have encountered issues with SSL configuration. While setting up the Nginx server block, I followed the official documentation to enable SSL, but requests to HTTPS fail with a 495 error code, which indicates a TLS handshake failure. Here's a snippet of the Nginx configuration I'm using: ```nginx server { listen 443 ssl; server_name example.com; ssl_certificate /etc/ssl/certs/example.crt; ssl_certificate_key /etc/ssl/private/example.key; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } } ``` The SSL certificate is valid and properly installed. After confirming that the Nginx service is running and reloading the configuration, I've checked the firewall settings to ensure that port 443 is open. Interestingly, when testing with an SSL checker tool, it shows the certificate is recognized, but the Nginx error logs reveal lines like: ``` 2023/10/13 14:32:45 [error] 12345#0: *1 SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure) while SSL handshaking, client: 192.168.1.1, server: example.com:443 ``` I've experimented with various SSL protocols in my Nginx configuration such as adding `ssl_protocols TLSv1.2 TLSv1.3;`, but this hasn't resolved the issue. Any insights on how to correct this? Is there something specific about the server block or SSL configuration that I might be overlooking? I want to ensure that our migration is smooth and allows for secure connections. My development environment is Linux. This is part of a larger CLI tool I'm building. Has anyone else encountered this? This is part of a larger service I'm building. Any help would be greatly appreciated! Thanks for any help you can provide! I've been using Nginx for about a year now.