I was proxying to an IIS server on 443 on nginx 1.1 on FreeBSD and it worked perfectly fine. We moved to nginx 1.4 running on ubuntu and now it won't work.
The following works perfect:
server {
location / {
proxy_pass http://server.domain.com
}
}
But when I change it to
server {
location / {
proxy_pass https://server.domain.com
}
}
It times out. I can curl both http:// and https:// no problem. The strange thing is the log message with the timeout error is showing the IP instead of the hostname.
2013/12/05 09:30:33 [error] 20109#0: *1 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 192.168.1.200, server: external.domain.com, request: "GET / HTTP/1.1", upstream: "https://192.168.1.10:443/", host: "external.domain.com"
What I'm guessing is nginx is trying to proxy to the host via the IP and then timing out because of SSL issues, as the SSL cert is not valid for the IP, only for the domain name.
Why is nginx proxying to the IP instead of the hostname? Can I force it to use the hostname?