Strange situation: there is an android app. Before it was working directly to apache2. Recently I've tried to use nginx as a reverse proxy. Application stopped working. Debug on nginx log shows "SSL_do_handshake() failed (SSL: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:SSL alert number 46) while SSL handshaking". Then switched back to apache2, switched on debugging, but on apache2 application connects using TLS not SSLv3. Is there anybody met such situation? Why android app trying to connect with nginx using SSLv2 (which is deprecated) but with apache2 with TLS? Thanks for thoughts in advance.

I found the answer. Actually, when I use nginx as a reverse-proxy I used SSL certificates in nginx from apache as it is. I found, that in nginx there is a different approach in SSL certificate aplication. The link below helped me:
https://medium.com/@mrkdsgn/steps-to-install-a-go-daddy-ssl-certificate-on-nginx-on-ubuntu-14-04-ff942b9fd7ff
Hope the answer will help you not to make mistake like me.

I was having the same error (error:14094416) on NGINX while using a letsencrypt certificate: the site was working perfectly most of the time, but some mobile applications would fail to open the URL triggering this error in the log.

My problem was I was missing an "intermediate certificate", and that caused some clients to not trust my certificate. I solved by changing to the "full chain" certificate, "fullchain.cer" as generated by acme.sh in my case.

Found this info here: https://community.letsencrypt.org/t/mobile-clients-ssl-alert-number-46/124608