Forum List Message List New Topic Print View

ravansh

September 06, 2020 10:15AM

Registered: 3 years ago
Posts: 1

I am unable to reverse proxy to my https backend. what am i doing wrong? I am using the same set of cert for the backend and frontend as I am running them both on the same machine. I got my certificates from zerossl. Here is the error I get :

curl --cacert /etc/ssl/certs/ca_bundle.crt https://www.ravi.guru

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.16.1</center>
</body>
</html>
In my /var/log/nginx/error.log I get this:

2020/09/06 01:50:53 [error] 2603#0: *4 upstream SSL certificate verify error: (2:unable to get > issuer certificate) while SSL handshaking to upstream, client: 192.168.103.15, server: www.ravi.guru, request: "GET / HTTP/1.1", upstream: "https://192.168.103.15:8080/", host: "www.ravi.guru"

When I connect to backend directly, all goes well:

curl --cacert /etc/ssl/certs/ca_bundle.crt https://www.ravi.guru:8080

hi

my index.html is a file with an entry "hi"

===============
Here is my config file
===============

server {
listen 443 http2 ssl;
server_name www.ravi.guru;
ssl_certificate /etc/ssl/certs/certificate.crt;
ssl_certificate_key /etc/ssl/private/private.key;
ssl_trusted_certificate /etc/ssl/certs/ca_bundle.crt;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

location / {
proxy_pass https://www.ravi.guru:8080;
proxy_ssl_certificate /etc/ssl/certs/certificate.crt;
proxy_ssl_certificate_key /etc/ssl/private/private.key;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_ssl_ciphers HIGH:!aNULL:!MD5;
proxy_ssl_trusted_certificate /etc/ssl/certs/ca_bundle.crt;
proxy_ssl_verify on;
proxy_ssl_verify_depth 2;
proxy_ssl_session_reuse on;
}
}
server {
listen 8080 http2 ssl;
#listen [::]:443 http2 ssl;

server_name www.ravi.guru;

ssl_certificate /etc/ssl/certs/certificate.crt;
ssl_certificate_key /etc/ssl/private/private.key;
ssl_trusted_certificate /etc/ssl/certs/ca_bundle.crt;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
root /var/www/ravi.guru/html;

index index.html index.htm index.nginx-debian.html;
}

Reply Quote

RSS

Subject	Author	Posted
Unable to proxy pass to https backend on nginx	ravansh	September 06, 2020 10:15AM
Re: Unable to proxy pass to https backend on nginx	Thomas Ward	September 06, 2020 02:22PM
Re: Unable to proxy pass to https backend on nginx	Maxim Dounin	September 06, 2020 09:00PM
Re: Unable to proxy pass to https backend on nginx	Francis Daly	September 07, 2020 07:12AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 295

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018

Unable to proxy pass to https backend on nginx

Re: Unable to proxy pass to https backend on nginx

Re: Unable to proxy pass to https backend on nginx

Re: Unable to proxy pass to https backend on nginx

Online Users