Question

502 error after droplet resize. Ngninx error related to SSL

Posted on September 30, 2023
DigitalOcean Droplets
Asked by dany68

Hi,

After resizing down one of my droplet I got the error 502. Everything was working perfectly before. Looking into the log of ngninx i got:

[crit] 8045#8045: *89 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 149.102.246.10, server: 0.0.0.0:443

I use laravel forge to deploy the site. The api is laravel and the front end is nuxt. I tried to recreate a let’s encrypt certificate from forge but it’s not working. I also tried to resize up the droplet, turn off/on ngninx, server, php… Nothing works.

Thank you for your help, Daniel

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

dany68 • October 7, 2023

Accepted Answer

Hi,

Sorry for such a late reply. I didn’t connect and forgot about this post. The error was due to something with pm2. I killed all the processes and restart them. It worked perfectly after.

Thank you so much for all your answers and help ! :)

KFSys

Site Moderator

• September 30, 2023

Heya,

the error would suggest and issue with the App if I’m not mistaken rather than an issue with the SSL.

Unless you’re debugging a specific issue, it usually makes sense to turn off the logging of TLS handshake errors server-side: You’re just going to get bloated with errors from misbehaving clients.

Do you see an error on your application? If, yes, check your application’s error log rather than the Nginx one.

Bobby Iliev

Site Moderator

• October 2, 2023

Hi there,

I think that the warning that you’ve shared should not really cause the 502 error as discussed in this post here.

I could suggest checking the Nginx error log again using this command:

tail -f /var/log/nginx/error.log

And then once you run the command refresh your site a few times to trigger the 502 error and then check the output again.

Feel free to share the output here so I can try to advise you further!

Usually, the 502 error with PHP applications occurs if the Nginx configuration is not using the correct PHP-FPM backend or if PHP-FPM is not running for any reason. So it could be worth checking the PHP-FPM logs and status as well.

Best,

Bobby