Http: TLS handshake error from x.x.x.x:y: no certificate available for ''

I’m using AlibabaCloud CDN. Does anyone have this problem when using CDN like me?

Junk traffic is pretty common. Looks like a few IP addresses trying repeat requests with no SNI. Shouldn’t be too much of a problem unless they’re flooding you with enough traffic to consume a lot of resources, in which case you could look into fail2ban or rate limiting.

You may have misunderstood me. I mean that my CDN settings do not work. I visited my own website - > CDN - > my website - > and made the above tls error. @Whitestrake

You need to ensure your CDN is sending the hostname via SNI. I’m not sure how that’s done on AlibabaCloud.

1 Like

Bingo, it’s the SNI issue. Thank you.

You can also specify the -default-sni CLI flag to allow connections without SNI, if you need a “default” certificate.

1 Like