Just to be sure of a common understanding: with handover by the
redirector I mean that, while only httpd is listening on the server
port, the same port is having ESTABLISHED sessions with different
programs (java, httpd, ombd), so my understanding is that the NGINX
configuration is able to talk to httpd and the java processes, but
failing with ombd.
I would like to get an even better understanding of the communication
of what is being talked between NGINX as proxy and the server, but I
am still seeing "Encrypted Application Data" on that part of the road,
although I successfully imported the private keys of both NGINX and
the server.
When NGINX is talking to the server, what I see on TLS layer, is the
following:
TLSv1 Record Layer: Handshake Protocol: Client Hello
TLSv1 Record Layer: Handshake Protocol: Client Hello
TLSv1 Record Layer: Handshake Protocol: Server Hello
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Handshake Protocol: Server Hello
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Encrypted Alert
TLSv1 Record Layer: Alert (Level: Fatal, Description: Close Notify)
TLSv1 Record Layer: Encrypted Alert
TLSv1 Record Layer: Alert (Level: Fatal, Description: Close Notify)
... but all application data is still encrypted.
The four "Change Cipher Spec" in rapid successions are not healthy, I
deem.
redirector I mean that, while only httpd is listening on the server
port, the same port is having ESTABLISHED sessions with different
programs (java, httpd, ombd), so my understanding is that the NGINX
configuration is able to talk to httpd and the java processes, but
failing with ombd.
I would like to get an even better understanding of the communication
of what is being talked between NGINX as proxy and the server, but I
am still seeing "Encrypted Application Data" on that part of the road,
although I successfully imported the private keys of both NGINX and
the server.
When NGINX is talking to the server, what I see on TLS layer, is the
following:
TLSv1 Record Layer: Handshake Protocol: Client Hello
TLSv1 Record Layer: Handshake Protocol: Client Hello
TLSv1 Record Layer: Handshake Protocol: Server Hello
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Handshake Protocol: Server Hello
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Application Data Protocol: http
TLSv1 Record Layer: Encrypted Alert
TLSv1 Record Layer: Alert (Level: Fatal, Description: Close Notify)
TLSv1 Record Layer: Encrypted Alert
TLSv1 Record Layer: Alert (Level: Fatal, Description: Close Notify)
... but all application data is still encrypted.
The four "Change Cipher Spec" in rapid successions are not healthy, I
deem.