Error with SSL: PR_END_OF_FILE_ERROR on some computers

Hello,

I am sorry to disturb you. I have an huge issue with Nignx’s configuration (I think).
I’ve got a jitsi instance running on a VPS, everything is fine for the most of users except some of them who are using MacOS and Windows with an antivirus.

Firefox returned PR_END_OF_FILE_ERROR. I spend my time to search after this error and it appears to be the end of nginx’s cipher list, an antivirus which is blocking something, VPN or Proxy.
I asked them to turn off their antivirus and even by uninstalling them and reboot their computer, it doesn’t work.

I updated cipher according to SSL config by Mozilla, in vain, they occurred the same error than before.

I’m using the default Jiti’s configuration, installed by the official Debian’s repository.
Let’s Encrypt is also used to generate certificates. Everything is fine except for them…

I’m using:

  • Nginx 1.1.14
  • Jitsi-meet 2.0.4857
  • Certbot 0.31.0-1

Honestly, I am in despair. I tried lot of thing and nothing changed.

I can pass everything you want/need to help me.

Thank you.

Alyve

Is https://meet.jit.si working for the same clients?

Hello,

Yes it works fine, no problem.

Could you try the following to check a possibility

In “/etc/nginx/modules-enabled/60-jitsi-meet.conf” change this line

#proxy_pass $upstream;
proxy_pass web;

And restart the nginx service

systemctl restart nginx

Hello,

I’m sorry, I had to work. :sweat_smile:
It’s perfect ! It works fine, thank you !

May you explain what’s changing on this line ? I didn’t understand… if you have neough time, of course.

Thank you. :slight_smile:

TCP/443 is shared by two services on the usual installation. These are jitsi-meet (web interface) and coturn (the turn server). Nginx checks the incoming traffic and decides which upstream will be used. But the check process is broken. Therefore some applications/tools don’t want to connect this suspicious port.

The change disabled the sharing and directed all traffics to the web interface.

Check this topic for more details.