Hello,
it worked.
I added ssl in the line
server {
listen 192.168.178.105:4200 ssl;
Thanks for your help.
Are there any relations to the nginx forum (ttps://forum.nginx.org)?
I tried to create an account, but didn´t receive an email for email confirmation. And I didn´t find a contact adress.
Greetings
Hans
Gesendet: Freitag, 03. März 2023 um 21:45 Uhr
Von: "Maxim Dounin" <mdou...@mdounin.ru>
An: nginx@nginx.org
Betreff: Re: Reverse Proxy 502 Bad Gateway
Von: "Maxim Dounin" <mdou...@mdounin.ru>
An: nginx@nginx.org
Betreff: Re: Reverse Proxy 502 Bad Gateway
Hello!
On Fri, Mar 03, 2023 at 04:33:25PM +0100, Hans Müller wrote:
> Hello,
> I am working in a proxmox environment, setting up a ngnix reverse proxy
> (192.168.178.103) forwarding requests via https to a nginx backend
> server (192.168.178.105). On the backend server shellinabox is
> installed. Request from the internet are secured via a Letsentcrypt
> certificate. For the encryption to the backend server I use a
> self-signed certificate.
> When I want to open the next-shell.example.com I get an 502 Bad Gateway
> error
> On the reverse proxy are the following configs
> HttpGateway
[...]
> location / {
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_ssl_certificate /etc/selfcerts/stern-example-cert-chain.pem;
> proxy_ssl_certificate_key /etc/selfcerts/stern-example-key.pem;
> proxy_ssl_verify off;
> proxy_pass [1]https://192.168.178.105:4200;
Note you are proxying using the "https" protocol.
[...]
> On the backend server there is the following config
> next-shell.example.com
> server {
> listen 192.168.178.105:4200;
> server_name next-shell.example.com;
But the backend is not configured to use SSL on the socket (or at
least this is not something visible from the configuration
provided). Note no "ssl" parameter on the listen directive.
[...]
> When I try to open the page there is this error in the nginx error log
> {{{
> [error] 1103#1103: *1 SSL_do_handshake() failed (SSL:
> error:0A00010B:SSL routines::wrong version
> number) while SSL handshaking to upstream, client: 95.116.52.151,
> server: next-shell.example.com, request: "GET /f
> avicon.ico HTTP/2.0", upstream:
> "[3]https://192.168.178.105:4200/favicon.ico", host:
> "next-shell.example.com"
> }}}
>
> Any idea, what I can do here?
The error is somewhat expected: you are trying to connect to
non-SSL port using SSL, and this is expected to fail.
You should either configure SSL on the backend, or change proxying
to use the "http" protocol instead.
--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
On Fri, Mar 03, 2023 at 04:33:25PM +0100, Hans Müller wrote:
> Hello,
> I am working in a proxmox environment, setting up a ngnix reverse proxy
> (192.168.178.103) forwarding requests via https to a nginx backend
> server (192.168.178.105). On the backend server shellinabox is
> installed. Request from the internet are secured via a Letsentcrypt
> certificate. For the encryption to the backend server I use a
> self-signed certificate.
> When I want to open the next-shell.example.com I get an 502 Bad Gateway
> error
> On the reverse proxy are the following configs
> HttpGateway
[...]
> location / {
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_ssl_certificate /etc/selfcerts/stern-example-cert-chain.pem;
> proxy_ssl_certificate_key /etc/selfcerts/stern-example-key.pem;
> proxy_ssl_verify off;
> proxy_pass [1]https://192.168.178.105:4200;
Note you are proxying using the "https" protocol.
[...]
> On the backend server there is the following config
> next-shell.example.com
> server {
> listen 192.168.178.105:4200;
> server_name next-shell.example.com;
But the backend is not configured to use SSL on the socket (or at
least this is not something visible from the configuration
provided). Note no "ssl" parameter on the listen directive.
[...]
> When I try to open the page there is this error in the nginx error log
> {{{
> [error] 1103#1103: *1 SSL_do_handshake() failed (SSL:
> error:0A00010B:SSL routines::wrong version
> number) while SSL handshaking to upstream, client: 95.116.52.151,
> server: next-shell.example.com, request: "GET /f
> avicon.ico HTTP/2.0", upstream:
> "[3]https://192.168.178.105:4200/favicon.ico", host:
> "next-shell.example.com"
> }}}
>
> Any idea, what I can do here?
The error is somewhat expected: you are trying to connect to
non-SSL port using SSL, and this is expected to fail.
You should either configure SSL on the backend, or change proxying
to use the "http" protocol instead.
--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
