reverse proxy an apache who forces ssl
Isaac Hailperin
i.hailperin at heinlein-support.de
Tue Jul 17 14:05:17 UTC 2012
Hi,
I am trying to proxy an apache, who forces ssl, see my vhost config:
RewriteEngine On
RewriteRule /(.*)$ https://www.acme.eu/$1 [R=301,L]
The nginx config for port 443 looks like this:
[...]
location ~* \.(jpg|gif|png|css|js) {
try_files $uri @proxy;
}
location @proxy {
proxy_pass http://www.acme.eu;
}
location / {
proxy_pass http://www.acme.eu;
}
This obviously gives me a rewrite loop, since apache forces https, and
nginx keeps trying http.
When I change http to https in the location blocks, I get a 502 bad
gateway error, and the nginx log tells me
012/07/17 15:42:30 [error] 3671#0: *21 SSL_do_handshake() failed (SSL:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol)
while SSL handshaking to upstream, client: 8.1.87.11, server:
www.acme.eu, request: "GET / HTTP/1.1", upstream:
"https://10.11.12.13:443/", host: "www.acme.eu"
My interpretation is that nginx does not know how to handle the upstream
ssl connection. Is that correct?
How can I configure nginx to do that? Is that possible at all?
Not sure if its of interest, but: nginx has the ssl certs for
www.acme.eu configured correctly, but thats for the side where nginx is
the server to the client.
Of course, an option would be to drop the https forcing in the apache,
and put the forcing in nginx, but currently that is not an option, as we
are in a testing phase, where the proxied and unproxied versions of the
site must be available.
Isaac
More information about the nginx
mailing list