SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share)

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: oicnmdjangobackend.com

I ran this command: sudo tail -f /var/log/nginx/error.log

It produced this output: [crit] 26456#26456: *42 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 62.210.90.209, server: 0.0.0.0:443

My web server is (include version): Nginx (1.25)

The operating system my web server runs on is (include version): Ubuntu

My hosting provider, if applicable, is:AWS EC2

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

Hi there @cto,

Do you have a specific issue or problem you'd like to address? From my point of view, your website works "perfectly" (Django doesn't work, but at least the HTTPS bit works fine).

Do you know the IP address 62.210.90.209? Or is this just something you've found in your logs and you don't know what to do with it?

SSLLabs is also giving your site an "A", which is good: SSL Server Test: oicnmdjangobackend.com (Powered by Qualys SSL Labs)

Thanks for your response. I have a React app that posts to a Django backend (API). On getting to production, whenever the frontend tries to post to the backend, the POST fails and when I come to my log file, I see this error. I've tried all the solutions at my disposal but to no avail. Any help will be greatly appreciated.

You mentioned Django doesn't work, please could you tell me why? All error checks were fine.

And the IP address 62.210.90.209 is from your React app?

Well, if I go to your site, I'm seeing the following:

image1280×1200 31.7 KB

Maybe that's intentional?

The IP is from the client I guess.
That's the default behaviour of Django apps and the page shows that it's working. I will change the page later.

You guess or you know?

Because sometimes these log entries are caused by some random IP scanners on the internet.

What's the log entry/error message from your React app?

Ah, I now see (looking at the articles and courses from your API) the meaning of "OICNM". As a regular medical doctor I have some principled objections against alternative medicine. Maybe some other volunteer can help you further, sorry.

The IP is from the browser trying to post to the API. I couldn't get any log from the front end.

that IP is from SCALEWAY : does that ring a bell?

and can you do full wireshark capture on that server?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.