SSL handshake Error

harshshah8996 · January 12, 2022, 9:38am

Hello team,

We use nignx as a webserver and certbot to generate SSL for domains.
When we check error log of Nginx, we found the following logs

[crit] 100477#100477: *119928 SSL_do_handshake() failed (SSL: error:14201044:SSL routines:tls_choose_sigalg:internal error) while SSL handshaking, client: 172.104.14.17, server: 0.0.0.0:443

[crit] 100477#100477: *121869 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 64.62.197.92, server: 0.0.0.0:443

How to fix this error?

My domain is: app.linkjoy.io
Webserver - Nginx
OS - ubuntu
Certbot version - 0.40.0

Osiris · January 12, 2022, 11:06am

Could you please elaborate more about the context of these errors?

Why do you want these errors fixed in the first place? A webservers log is usually filled with a lot of useless requests. Bots, search engines, et cetera. Personally I wouldn't care if those errors are from $random requests.

rg305 · January 12, 2022, 8:17pm

Name:    cloud-scanner-0dde76e1.internet-research-project.net
Address: 172.104.14.17

How to fix this error?
There is no "fixing" such a scan.
You're best bet is to block them altogether.

rg305 · January 12, 2022, 8:21pm

For the other IP:

It's also scanning random IPs and ports (and should also be dropped):

rg305 · January 12, 2022, 11:19pm

Funny!
They seem to have quickly moved to another IP:

Name:    172-104-14-17.ip.linodeusercontent.com
Address: 172.104.14.17

cloud-scanner-0dde76e1.internet-research-project.net
Non-existent domain

system · February 11, 2022, 11:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.