線上ng出現大量log如下:
[crit] 11838#0: *19968441 SSL_do_handshake() failed (SSL: error:2D06D075:FIPS routines:fips_pkey_signature_test:test failure error:2D08E06B:FIPS routines:FIPS_CHECK_EC:pairwise test failed error:1409B02B:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:reason(43)) while SSL handshaking
centos:7.3.1611 ,kernel:3.10.0-514.el7.x86_64,openssl:1.0.2d
原因:
“EC_KEY_generate_key() internally calls fips_pkey_signature_test() which performs a pairwise check by ECDSA signing/verifying, but some groups don't support ECDSA.”
升級後解決,待跟進