[GH-ISSUE #4713] TSL Handshake Fail on IPv6 #2994

New issue

Open

opened 2026-02-26 07:37:31 +03:00 by kerem · 1 comment

kerem commented

2026-02-26 07:37:31 +03:00

Owner

Originally created by @rohit267 on GitHub (Aug 14, 2025).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4713

Checklist

Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
- Yes
Are you sure you're not using someone else's docker image?
- Yes
Have you searched for similar issues (both open and closed)?
- Yes

Describe the bug

* schannel: using IP address, SNI is not supported by OS.
* ALPN: curl offers http/1.1
* schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log.
* closing connection #0
curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log.

Nginx Proxy Manager Version
2.12.6

To Reproduce
Steps to reproduce the behaviour:

Add a site with both A and AAAA DNS record.
Reach out the site in IPv6 only. It stalls and never opens

Expected behavior
Site should open on IPv6 only.

Originally created by @rohit267 on GitHub (Aug 14, 2025). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4713 **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? - Yes - Are you sure you're not using someone else's docker image? - Yes - Have you searched for similar issues (both open and closed)? - Yes **Describe the bug** ```* schannel: disabled automatic use of client certificate * schannel: using IP address, SNI is not supported by OS. * ALPN: curl offers http/1.1 * schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log. * closing connection #0 curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is received (e.g. handshake failed). More detail may be available in the Windows System event log. ``` **Nginx Proxy Manager Version** 2.12.6 **To Reproduce** Steps to reproduce the behaviour: 1. Add a site with both A and AAAA DNS record. 2. Reach out the site in IPv6 only. It stalls and never opens **Expected behavior** Site should open on IPv6 only.

kerem added the

stale

bug

labels

2026-02-26 07:37:31 +03:00

kerem commented

2026-02-26 07:37:31 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Feb 25, 2026):

Issue is now considered stale. If you want to keep it open, please comment 👍

@github-actions[bot] commented on GitHub (Feb 25, 2026): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem referenced this issue

2026-02-26 08:31:44 +03:00

[PR #3600] [MERGED] Update certbot-dns-duckdns version (fix #2994) #3729

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#2994

No description provided.

Rows
Columns