For the past week I've been noticing many entries like this in our nginx error logs: SSL_do_handshake() failed (SSL: error:1408A0D7:SSL routines:SSL3_GET_CLIENT_HELLO:required cipher missing) while SSL handshaking What does the error "required cipher missing" mean exactly? Some of our users reported that their browser gave them an SSL connection error and then it went away. Others can no longer connect to our site at all. I've had a look at the OpenSSL source code and I think the error is related to checking that the server still supports the last cipher a session used. Is this correct? The only change I can think of that may affect our list of available ciphers was an update to the latest version of OpenSSL that CentOS 5 provided back in November. That was two months ago though, and other than that I can't think of what could be causing this. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150115/6f6f440a/attachment.html>
