I hope I can at least get help diagnosing this.
I have an ASP.Net Core application in a Ubuntu headless VM (DigitalOcean
Droplet) using a page TLD (therefore I must use SSL) using Cloudflare.
When I execute it using:
dotnet domain.page.dll --launch-profile https
Then use:
curl -k https://127.0.0.1:5443
(the address that Kestrel is listening to) I get a page that I am
expecting. Therefore Kestrel and the application seem to be working.
Cloudflare is managing the domain name and I have a Cloudflare
certificate in the appsettings.json file. I hope that since Kestrel is
working it has accepted the certificate.
When I browse to the domain from another system (over the internet)
Cloudflare is saying 502 Bad Gateway and that the problem is in the
server. Is there a log somewhere showing the incoming request and more
details of the error?
The following is my server block.
server {
listen 443 ssl;
listen [::]:443 ssl;
#ssl_client_certificate /etc/ssl/cloudflare.crt;
ssl_certificate /etc/ssl/domain.crt;
ssl_certificate_key /etc/ssl/domain.pem;
server_name domain.page *.domain.page;
location / {
proxy_passhttp://127.0.0.1:5443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
I get the same results if I uncomment the ssl_client_certificate.
Is there a way to determine with relative certainty that the 502 is
caused by something in nginx and not Cloudflare or Kestrel or the
application? Is there a way to get more details? If someone knows how to
fix the problem regardless of where and why it is happening then that
would be great help.
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
