Assessment failed: No secure protocols supported


#1

Poking around on my personal server, I ran into a misconfiguration that I hadn’t run into before: Nginx was running, and would accept TCP connections on port 443, but wouldn’t negotiate a handshake. I got this error from curl:

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to jacob.hoffman-andrews.com:443

And Qualys’ SSL Server Test gave me:

Assessment failed: No secure protocols supported

It turns out I had a bunch of virtualhosts enabled for SSL/TLS, but none of them was marked with default_server. Once I added a default_server tag to the listen directive for one of my virtualhosts, things started working again. Hope this helps someone out!

From a little looking, it seems like the “No secure protocols” supported can be caused by a variety of issues, so this isn’t necessarily the only thing that might cause that message from SSL Server Test.