cloudflare / sslconfig

Cloudflare's Internet facing SSL configuration
BSD 3-Clause "New" or "Revised" License

bad record mac with chacha20_poly1305 patch #67

Closed Jackroyal closed 7 years ago

Jackroyal commented 7 years ago

server: Ubuntu Server 16.04.2 LTS 32bit
nginx: nginx 1.11.13
openssl: openssl-1.0.2k
patch: openssl__chacha20_poly1305_draft_and_rfc_ossl102j.patch

Hello, I use

./configure --add-module=../ngx_brotli --add-module=../nginx-ct-1.3.2 --with-openssl=../openssl --with-http_v2_module --with-http_ssl_module --with-http_gzip_static_module

to compile nginx. Anything seems OK. But it posts 'bad record mac' when the handshake uses 'chacha20'. When I removed EECDH+CHACHA20:EECDH+CHACHA20-draft: from my ssl_ciphers, it works well.

Could you please help me troubleshoot this? There is nothing in my nginx error log.

For the bug fix, I have now modified ssl_ciphers to EECDH+CHACHA20:EECDH+CHACHA20-draft, so my website doesn't work. My site URL is https://bblove.me.

vkrasnov commented 7 years ago

I can't reproduce this issue.