I'm running a Tornado web server that only accepts SSL connections, and only listens on port 443. Connecting to it in a browser over HTTPS works well.

I'm seeing messages like this in my logs:

ERROR [tornado.general] Uncaught exception
[...]
  File "/usr/lib/python3.4/ssl.py", line 828, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:600)
WARNI [tornado.access] 405 OPTIONS / (<some IP>) 0.57ms

I'm not sure if the warning is related to the error (I need to add time stamps to the logs). The requests don't come in quickly, which makes me think it's not an attack; on the other hand, they are coming from many places around the world, and this is a site that not many people should know about.

If I try it myself by going to http://my-site:443 I get the same exception, without the warning, plus an additional line:

WARNI [tornado.general] SSL Error on 18 ('<my IP>', <port>): [SSL: HTTP_REQUEST] http request (_ssl.c:600)

Is something using the wrong protocol to connect to the HTTPS port?

z0r

1 Answer

Try hitting your site with the SSL Server checker on ssllabs.com. It looks like something about some SSL clients is causing them to abort the handshake. This could be various scanners, or it could be some clients are rejecting something about your SSL connection and are dropping it. Many clients will retry with a downgraded connection, which is why the site isn't failing.

The 'OPTIONS' warning is likely unrelated.

Jason Martin
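A small triage script for logs like the ones quoted in the question, added here as an example and not part of either post: it separates plain-HTTP requests sent to the TLS port (`[SSL: HTTP_REQUEST]`) from handshakes that ended in `SSLEOFError`, and tallies what can be attributed per source address. The sample log and its IP addresses are constructed, and the function name `triage` is hypothetical.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the log format quoted in the question. The addresses
# are documentation ranges (RFC 5737), not values from the page.
SAMPLE_LOG = """\
ERROR [tornado.general] Uncaught exception
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:600)
WARNI [tornado.access] 405 OPTIONS / (198.51.100.7) 0.57ms
ERROR [tornado.general] Uncaught exception
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:600)
WARNI [tornado.general] SSL Error on 18 ('192.0.2.10', 51234): [SSL: HTTP_REQUEST] http request (_ssl.c:600)
WARNI [tornado.general] SSL Error on 19 ('192.0.2.10', 51240): [SSL: HTTP_REQUEST] http request (_ssl.c:600)
WARNI [tornado.access] 405 OPTIONS / (203.0.113.5) 0.61ms
"""

# "SSL Error on <fd> ('<ip>', <port>): [SSL: <REASON>] ..." carries the peer address.
SSL_ERR = re.compile(
    r"\[tornado\.general\] SSL Error on \d+ \('([^']+)', \d+\): \[SSL: (\w+)\]")
# The traceback's final line has no peer address, so it can only be counted.
EOF_ERR = re.compile(r"^ssl\.SSLEOFError:")
# "<status> <method> <path> (<ip>) <duration>" from the access logger.
ACCESS = re.compile(r"\[tornado\.access\] (\d{3}) (\w+) (\S+) \(([^)]+)\)")

def triage(lines):
    """Return (event counts, per-IP event counts) for Tornado log lines."""
    events, by_ip = Counter(), defaultdict(Counter)
    for line in lines:
        line = line.strip()
        m = SSL_ERR.search(line)
        if m:  # HTTP_REQUEST here means plain HTTP was sent to the TLS port
            kind = "tls_error:" + m.group(2)
            events[kind] += 1
            by_ip[m.group(1)][kind] += 1
            continue
        if EOF_ERR.match(line):  # client closed the socket mid-handshake
            events["eof_during_handshake"] += 1
            continue
        m = ACCESS.search(line)
        if m:  # completed TLS requests, e.g. the 405 OPTIONS in the question
            kind = "access:%s %s" % (m.group(1), m.group(2))
            events[kind] += 1
            by_ip[m.group(4)][kind] += 1
    return events, dict(by_ip)

if __name__ == "__main__":
    events, by_ip = triage(SAMPLE_LOG.splitlines())
    print(dict(events))
    for ip, kinds in sorted(by_ip.items()):
        print(ip, dict(kinds))
```

Because the `SSLEOFError` traceback line has no peer address, attributing those events to a source needs timestamps or connection logging on the server side.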