Poking around on my personal server, I ran into a misconfiguration that I hadn’t run into before: Nginx was running, and would accept TCP connections on port 443, but wouldn’t negotiate a handshake. I got this error from curl:
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to jacob.hoffman-andrews.com:443
And Qualys’ SSL Server Test gave me:
Assessment failed: No secure protocols supported
It turns out I had a bunch of virtualhosts enabled for SSL/TLS, but none of them was marked with
default_server. Once I added a
default_server tag to the
listen directive for one of my virtualhosts, things started working again. Hope this helps someone out!
From a little looking, it seems like the “No secure protocols” supported can be caused by a variety of issues, so this isn’t necessarily the only thing that might cause that message from SSL Server Test.