reverse proxy an apache who forces ssl

Reinis Rozitis r at roze.lv
Wed Jul 18 09:46:45 UTC 2012


>> openssl s_client -connect 10.10.2.1:443
>Its the same error as with nginx:
>~# openssl s_client -connect 10.10.2.1:443
>CONNECTED(00000003)
> 7571:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:607:

It's the problem on backend then - it doesn't (want to) talk ssl, at least on that particular IP/port.



> But: I can connect to the backend directly (not via nginx) using https  without any problem. So I am not sure about this 
> conclusion.

Can you show what does this return: wget --no-check-certificate -S --spider https://10.10.2.1

If you test with browser it might (out of thin air) not complain about the site not actually being SSL or the apache does some sort 
of redirect before actually landing on the real SSL (virtual)host.


But overall you should probably show your apache config (the parts with 'SSLEngine on' ).


rr 



More information about the nginx mailing list