I recently setup an nginx proxy to a mongrel cluster using only https. No big whoop, right? Although I could get a file from the public directory, whenever I tried to invoke something in Rails via the mongrel, it’d hang. The error in the log file was:
2007/09/21 18:17:52 [crit] 4104#0: *33 SSL_do_handshake() failed (SSL: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca) while reading client request line, client: 127.0.0.1, server: staging 2007/09/21 18:17:57 [info] 4104#0: *35 client 127.0.0.1 closed keepalive connection
Sure, I didn’t have a “proper” certificate for SSL, but what gives with the whole hanging thing? Why didn’t it just come screaming back with some professional handwringing(tm) and get on with things?
Well, somehow when this machine was configured it was done without a loopback interface. Consequently, when I tried something like “curl https://localhost/…” from the command line, it’d sit there for forever. So, I created the loopback interface by adding the following lines to /etc/network/interfaces:
# The loopback network interface auto lo iface lo inet loopback
Restarted the machine, fired everything back up, and it works great — no more hanging trying to access a https://localhost/… URL. Go figure.