I have a website served by Nginx on FreeBSD. Last week we decided to drop support for SSLv3 connections for our site.
However, I am wondering if nginx logs all clients that can't complete the SSL handshake successfully. It would be great if we had some data about the IP addresses that are still using SSLv3 connections.
I tried to look in the nginx error log. There I found only a few log entries:
2015/03/18 16:55:32 [error] 48792#0: accept4() failed (53: Software caused connection abort)
2015/03/19 19:47:05 [error] 48791#0: accept4() failed (53: Software caused connection abort)
2015/03/19 23:39:54 [error] 48791#0: OCSP_check_validity() failed (SSL: error:2707307D:OCSP routines:OCSP_check_validity:status expired) while requesting certificate status, responder: ocsp2.globalsign.com
There is no mention of clients aborted because of a failed SSLv3 handshake. Can nginx be configured to log this kind of error?
Best Answer
In the access log you can add the $ssl_protocol variable, but this is only going to work with enabled SSL protocols, which is not the case with SSLv3. With the error log you can modify the log_level to info and you will get information about the SSL protocol when a connection is aborted:
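An added example, not part of the original answer: once the error log is written at `info` level (the `info` argument of nginx's `error_log` directive), the failed-handshake entries can be tallied per client IP, which is the data the question asks for. The sample lines are constructed except for the OCSP line taken from the question; the OpenSSL reason text varies by OpenSSL version, so the script groups by whatever reason is logged instead of assuming one, and `failed_handshakes` is a hypothetical helper name.

```python
import re
from collections import Counter

# Constructed sample of nginx error-log lines at "info" level. Only the frame
# "SSL_do_handshake() failed (...) while SSL handshaking, client: <ip>" is relied on;
# the last line is the OCSP error quoted in the question and must be ignored.
SAMPLE_LOG = """\
2015/03/20 10:12:01 [info] 48791#0: *101 SSL_do_handshake() failed (SSL: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number) while SSL handshaking, client: 203.0.113.5, server: 0.0.0.0:443
2015/03/20 10:12:09 [info] 48791#0: *102 SSL_do_handshake() failed (SSL: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher) while SSL handshaking, client: 198.51.100.7, server: 0.0.0.0:443
2015/03/20 10:13:44 [info] 48792#0: *103 client closed connection while SSL handshaking, client: 192.0.2.44, server: 0.0.0.0:443
2015/03/20 10:15:30 [info] 48791#0: *104 SSL_do_handshake() failed (SSL: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number) while SSL handshaking, client: 203.0.113.5, server: 0.0.0.0:443
2015/03/19 23:39:54 [error] 48791#0: OCSP_check_validity() failed (SSL: error:2707307D:OCSP routines:OCSP_check_validity:status expired) while requesting certificate status, responder: ocsp2.globalsign.com
"""

# Matches only handshake failures reported by OpenSSL, and captures the
# OpenSSL error stack and the client address (IPv4 or IPv6).
HANDSHAKE_RE = re.compile(
    r"\*\d+ SSL_do_handshake\(\) failed \(SSL: (?P<errors>.*)\) "
    r"while SSL handshaking, client: (?P<client>[^,\s]+)"
)


def failed_handshakes(lines):
    """Return {openssl_reason: Counter({client_ip: failures})}."""
    by_reason = {}
    for line in lines:
        m = HANDSHAKE_RE.search(line)
        if not m:
            continue  # not an OpenSSL handshake failure (e.g. OCSP, client hang-up)
        # The human-readable reason is the last colon-separated field of the error.
        reason = m.group("errors").rsplit(":", 1)[-1].strip()
        by_reason.setdefault(reason, Counter())[m.group("client")] += 1
    return by_reason


if __name__ == "__main__":
    for reason, clients in failed_handshakes(SAMPLE_LOG.splitlines()).items():
        print(reason)
        for ip, count in clients.most_common():
            print(f"  {ip}  {count}")
```

To run it against a real log, pass an open file object for the error log to `failed_handshakes` in place of the sample lines.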