NGINX wants to have a cipher, that matches the output of "openssl ciphers", right?
With "openssl ciphers -V" (which outputs the binary value of the Cipher, too), I found that TLS_RSA_WITH_RC4_128_SHA (0x0005) equals
0x00,0x05 - RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
Put this into nginx.conf on both upstream and downstream, restarted, and retried.
I see that all server hellos confirm the TLS_RSA_WITH_RC4_128_SHA cipher, still the communication will abort shortly after
"Alert Message: Encrypted Alert", again with "SSL_read() failed (SSL: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number) while reading upstream" in the nginx log file.
By now I'm quite pessimistic that I'll ever find a solution for this setup!
With "openssl ciphers -V" (which outputs the binary value of the Cipher, too), I found that TLS_RSA_WITH_RC4_128_SHA (0x0005) equals
0x00,0x05 - RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
Put this into nginx.conf on both upstream and downstream, restarted, and retried.
I see that all server hellos confirm the TLS_RSA_WITH_RC4_128_SHA cipher, still the communication will abort shortly after
"Alert Message: Encrypted Alert", again with "SSL_read() failed (SSL: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number) while reading upstream" in the nginx log file.
By now I'm quite pessimistic that I'll ever find a solution for this setup!