Hello team,
We use nignx as a webserver and certbot to generate SSL for domains.
When we check error log of Nginx, we found the following logs
[crit] 100477#100477: *119928 SSL_do_handshake() failed (SSL: error:14201044:SSL routines:tls_choose_sigalg:internal error ) while SSL handshaking, client: 172.104.14.17, server: 0.0.0.0:443
[crit] 100477#100477: *121869 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share ) while SSL handshaking, client: 64.62.197.92, server: 0.0.0.0:443
How to fix this error?
My domain is: app.linkjoy.io
Webserver - Nginx
OS - ubuntu
Certbot version - 0.40.0
Osiris
January 12, 2022, 11:06am
2
Could you please elaborate more about the context of these errors?
Why do you want these errors fixed in the first place? A webservers log is usually filled with a lot of useless requests. Bots, search engines, et cetera. Personally I wouldn't care if those errors are from $random requests.
2 Likes
rg305
January 12, 2022, 8:17pm
3
harshshah8996:
client: 172.104.14.17
Name: cloud-scanner-0dde76e1.internet-research-project.net
Address: 172.104.14.17
How to fix this error?
There is no "fixing" such a scan.
You're best bet is to block them altogether.
3 Likes
rg305
January 12, 2022, 8:21pm
4
For the other IP:
harshshah8996:
client: 64.62.197.92
It's also scanning random IPs and ports (and should also be dropped):
2 Likes
rg305
January 12, 2022, 11:19pm
5
Funny!
They seem to have quickly moved to another IP:
Name: 172-104-14-17.ip.linodeusercontent.com
Address: 172.104.14.17
cloud-scanner-0dde76e1.internet-research-project.net
Non-existent domain
3 Likes
system
Closed
February 11, 2022, 11:19pm
6
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.