If you have an Nginx upstream that points at AWS API Gateway and get this error: ‘SSL_do_handshake() failed (SSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) while SSL handshaking to upstream’
Here is the fix: add ‘proxy_ssl_server_name on;’ to your nginx.conf. The directive is off by default, so nginx does not send the server name (SNI) to the upstream during the TLS handshake unless you enable it. The directive is only available since version 1.7.0.
Reference: proxy_ssl_server_name

| Syntax: | `proxy_ssl_server_name on \| off;` |
|---|---|
| Default: | `proxy_ssl_server_name off;` |
| Context: | `http`, `server`, `location` |

This directive appeared in version 1.7.0.
Enables or disables passing of the server name through TLS Server Name Indication extension (SNI, RFC 6066) when establishing a connection with the proxied HTTPS server.
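
The fix in context, as an added example that is not from the original post: a proxy to API Gateway through a named upstream block, where the SNI name and Host header also have to be set explicitly because they otherwise default to the upstream's name. The hostname, the upstream name `apigw`, the listen port and the CA bundle path are placeholders or assumptions.

```nginx
# Added example. All names and paths below are placeholders.
upstream apigw {
    # Placeholder API Gateway endpoint (constructed, not a real API id).
    server example-api-id.execute-api.us-east-1.amazonaws.com:443;
}

server {
    listen 8080;

    location /api/ {
        proxy_pass https://apigw/;

        # The fix from this page (nginx 1.7.0 and later): send SNI
        # in the TLS ClientHello to the upstream. Default is off.
        proxy_ssl_server_name on;

        # With a named upstream, the SNI name defaults to the host part
        # of proxy_pass ("apigw" here), so set the real hostname.
        proxy_ssl_name example-api-id.execute-api.us-east-1.amazonaws.com;

        # The Host header has the same default, so set it to match.
        proxy_set_header Host example-api-id.execute-api.us-east-1.amazonaws.com;

        # SNI alone does not authenticate the upstream: certificate
        # verification is off by default and must be enabled separately.
        proxy_ssl_verify on;
        # Default depth is 1; allow for an intermediate CA chain.
        proxy_ssl_verify_depth 3;
        # Assumed Debian/Ubuntu CA bundle location; adjust for your system.
        proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
    }
}
```

Run `nginx -t` after the change to validate the configuration before reloading.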
Reblogged this on Works@Scale and commented:
Fix for SSL handshake failure, AWS API Gateway and nginx 1.7.0 & up