Unable to proxy pass to https backend on nginx
Maxim Dounin
mdounin at mdounin.ru
Mon Sep 7 00:59:01 UTC 2020
Hello!
On Sun, Sep 06, 2020 at 10:15:28AM -0400, ravansh wrote:
> I am unable to reverse proxy to my https backend. what am i doing wrong? I
> am using the same set of cert for the backend and frontend as I am running
> them both on the same machine. I got my certificates from zerossl. Here is
> the error I get :
>
> curl --cacert /etc/ssl/certs/ca_bundle.crt https://www.ravi.guru
>
> <html>
> <head><title>502 Bad Gateway</title></head>
> <body>
> <center><h1>502 Bad Gateway</h1></center>
> <hr><center>nginx/1.16.1</center>
> </body>
> </html>
> In my /var/log/nginx/error.log I get this:
>
> 2020/09/06 01:50:53 [error] 2603#0: *4 upstream SSL certificate verify
> error: (2:unable to get > issuer certificate) while SSL handshaking to
> upstream, client: 192.168.103.15, server: www.ravi.guru, request: "GET /
> HTTP/1.1", upstream: "https://192.168.103.15:8080/", host: "www.ravi.guru"
>
> When I connect to backend directly, all goes well:
>
> curl --cacert /etc/ssl/certs/ca_bundle.crt https://www.ravi.guru:8080
Are there any other virtual servers on the port 8080? If yes, you
may want to switch on SNI in connections to upstream servers using
the proxy_ssl_server_name directive, see here for details:
http://nginx.org/r/proxy_ssl_server_name
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list