Problem with Upstream over SSL
cschiewek
nginx-forum at nginx.us
Thu Dec 5 14:44:55 UTC 2013
I was proxying to an IIS server on 443 on nginx 1.1 on FreeBSD and it worked
perfectly fine. We moved to nginx 1.4 running on ubuntu and now it won't
work.
The following works perfect:
server {
location / {
proxy_pass http://server.domain.com
}
}
But when I change it to
server {
location / {
proxy_pass https://server.domain.com
}
}
It times out. I can curl both http:// and https:// no problem. The strange
thing is the log message with the timeout error is showing the IP instead of
the hostname.
2013/12/05 09:30:33 [error] 20109#0: *1 upstream timed out (110: Connection
timed out) while reading response header from upstream, client:
192.168.1.200, server: external.domain.com, request: "GET / HTTP/1.1",
upstream: "https://192.168.1.10:443/", host: "external.domain.com"
What I'm guessing is nginx is trying to proxy to the host via the IP and
then timing out because of SSL issues, as the SSL cert is not valid for the
IP, only for the domain name.
Why is nginx proxying to the IP instead of the hostname? Can I force it to
use the hostname?
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,245252,245252#msg-245252
More information about the nginx
mailing list