Netgate Discussion Forum

    nginx TLS error with https portal

      guntery

      Any ideas what the below is (100s per day)? The client is an authenticated Windows laptop, so no idea why it would still be talking to the CP...

      SSL_read() failed (SSL: error:14191044:SSL routines:tls1_enc:internal error) while waiting for request, client: 10.1.1.102, server: 0.0.0.0:8003
      
        Gertjan @guntery

        @guntery

        Like this :

        [image]
        According to the SSL NGINX Captive portal web server setting, port 8003 is:

        	server {
        		listen 8003 ssl http2;
        

        So, the device on my captive portal network identifying itself with 192.168.2.144 and DHCP client ID: "MSFT 5.0" is harming the TLS-only web server with traffic that can be anything, except valid HTTP TLS traffic.

        Solution: have a talk with the owner of the offending device, "192.168.2.144" in my case.
        Or, make it a don't-care situation.

        It could be a Microsoft Windows device that wants to talk to the known gateway over port 80, a classic web request. It got redirected to the HTTPS web - portal login - server on port 8003 as per the captive portal's firewall instruction. The web client wasn't doing TLS at that moment, although it was told to do a https://yourportal.yournetwork.tld:8003 (== TLS): the captive portal web server complains now.

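To see which clients produce these errors and how often, the nginx error log can be tallied per client and OpenSSL reason. This is an added example, not part of the original thread: the function names are hypothetical, and the sample lines (timestamp, level and PID prefix, and the 8443 listener) are constructed around the message format quoted in the first post.

```python
import re
from collections import Counter

# Matches the message part of an nginx error-log line like the one quoted in
# the first post; the timestamp/level/PID prefix is ignored. The function
# field may be empty, as it is in OpenSSL 3.x error strings.
SSL_ERR = re.compile(
    r"(?P<call>SSL_\w+)\(\) failed \(SSL: error:(?P<code>[0-9A-Fa-f]+):"
    r"(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>[^)]*)\)"
    r".*?client: (?P<client>[^,\s]+), server: (?P<server>[^,\s]+)"
)

def parse_line(line):
    """Return the fields of one SSL failure line, or None if it is not one."""
    m = SSL_ERR.search(line)
    return m.groupdict() if m else None

def summarize(lines, port=None):
    """Count SSL failures per (client, reason), optionally for one listener port."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if port is not None and not rec["server"].endswith(f":{port}"):
            continue
        counts[(rec["client"], rec["reason"])] += 1
    return counts

# Constructed sample input: only the part from "SSL_read()" onwards follows
# the line quoted in the thread; prefixes and the 8443 line are made up.
_MSG = ("SSL_read() failed (SSL: error:14191044:SSL routines:tls1_enc:"
        "internal error) while waiting for request, ")
SAMPLE_LOG = [
    f"2025/01/14 08:01:12 [crit] 4242#100101: *311 {_MSG}client: 10.1.1.102, server: 0.0.0.0:8003",
    f"2025/01/14 08:01:13 [crit] 4242#100101: *312 {_MSG}client: 10.1.1.102, server: 0.0.0.0:8003",
    "2025/01/14 08:02:40 [info] 4242#100101: *313 client closed connection "
    "while waiting for request, client: 192.168.2.144, server: 0.0.0.0:8003",
    f"2025/01/14 08:03:05 [crit] 4242#100101: *314 {_MSG}client: 192.168.2.144, server: 0.0.0.0:8003",
    f"2025/01/14 08:03:09 [crit] 4242#100101: *315 {_MSG}client: 10.1.1.102, server: 0.0.0.0:8443",
]

if __name__ == "__main__":
    # Noisiest clients on the captive portal's TLS listener first.
    for (client, reason), n in summarize(SAMPLE_LOG, port=8003).most_common():
        print(f"{n:5d}  {client:15s}  {reason}")
```

Matching the client addresses in the output against the DHCP leases identifies the device whose owner to talk to.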
          guntery @Gertjan

          That makes sense. I guess the client has software which is trying to talk to the gateway.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.