Passenger/node/nginx problems with AWS/Dynamo

[jg...@instructure.com]

Hi All, 

I've recently switch my application from running on bare nodejs to passenger/nginx.  I had previously had a problem connecting to dyanamodb through the aws sdk. The problem came down to a bug in node's TLS implementation, details can be found here: https://github.com/aws/aws-sdk-js/issues/862.

I successfully implemented the suggested workaround by changing my aws connection options as follows:

AWS.config['httpsOptions'] = {
  agent: new https.Agent({
    keepAlive: true,
    secureProtocol: 'TLSv1_method',
    ciphers: 'ALL'
  })
}

However when I switched to passenger the connection errors returned:

{"message":"write EPROTO","code":"NetworkingError","errno":"EPROTO","syscall":"write","region":"us-west-2","hostname":"dynamodb.us-west-2.amazonaws.com","retryable":true,"time":"2016-04-04T15:32:10.934Z"}

Is it possible that passenger is proxying the outbound connection and somehow disregarding the httpsAgent options?

[Daniel Knoppel]

It's not really clear to me from your description what you're trying to do and where exactly the errors occur. Are we talking about inbound connections (to your app) or outbound connections (from your app to a third-party service) for example?

For inbound connections Nginx will be the first entry point before your app, so that's what's catching SSL connections, and I'm not sure how the Node.js issue would be related. Passenger doesn't touch outbound connections you establish yourself.

 

- Daniel