reverse proxy an apache who forces ssl
Isaac Hailperin
i.hailperin at heinlein-support.de
Tue Jul 17 16:45:36 UTC 2012
On 07/17/2012 04:17 PM, Reinis Rozitis wrote:
> You can use 'https' in proxy pass eg:
>
> location @proxy {
> proxy_pass https://www.acme.eu;
> }
>
>
> If you define your backends via upstream {} add also :443 port there.
I defined my upstream like this:
upstream backend-secure {
server 10.10.2.1:443 max_fails=20;
server 10.10.2.1:443 max_fails=20;
}
and my proxy pass
location ~* \.(jpg|gif|png|css|js) {
try_files $uri @proxy;
}
location @proxy {
proxy_pass https://backend-secure;
}
location / {
proxy_pass https://backend-secure;
}
but I keep getting the 502 Bad Gateway error, and
2012/07/17 18:40:05 [error] 5043#0: *1 SSL_do_handshake() failed (SSL:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol)
while SSL handshaking to upstream, client: 8.12.87.11, server:
www.acme.eu, request: "GET / HTTP/1.1", upstream:
"https://10.10.2.1:443/", host: "www.acme.eu"
in my log. What am I doing wrong?
> It is kinda overhead to talk to backends via SSL
I know, I won't use it in production, but at the moment I need this.
Isaac
More information about the nginx
mailing list