notaduck
By:
notaduck

Nginx - Reverse proxy - 502 BAD GATEWAY (Only with HTTPS:// )

July 19, 2015 24.7k views
Nginx Server Optimization

I am trying to make a reverse proxy server with Nginx, i have a Proxy (for HTTP) and a Proxy-SSL (For HTTPS)

I have some problems with the Proxy-SSL (HTTPS)
I am getting a bad gateway 502 error when i am trying to connect to https://owncloud.example.eu

but when i use https for my example.eu site then everything is working flawless

the backend servers are LAMP'server

The logs are empty.

server {
listen 443 ssl;
server_name example.eu;


ssl on;
    ssl_certificate         /etc/nginx/ssl/wordpress/wordpress.crt;
    ssl_certificate_key     /etc/nginx/ssl/wordpress/wordpress.key;
    #ssl_trusted_certificate /etc/nginx/ssl/path/ca-certs.pem;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   # don't use SSLv3 because of killer poodles


#Uncomment to enable the settings
#gzip  on;

location / {
 # app1 reverse proxy follow
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Host $host;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_pass https://10.0.2.5:443;
}  
}

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#  #  #  #  #  #  #   #  Webserver 2  #  #  #  #  #  #  #  #  #  #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

server {
listen 443 ssl;
server_name owncloud.example.eu;


 ssl on;
     ssl_certificate         /etc/nginx/ssl/owncloud  /owncloud.crt;
     ssl_certificate_key     /etc/nginx/ssl/owncloud/owncloud.key;
     #ssl_trusted_certificate /etc/nginx/ssl/path/ca-certs.pem;
     ssl_ciphers  HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers  on;
     ssl_session_cache    shared:SSL:1m;
     ssl_session_timeout  5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   # don't use SSLv3 because of killer poodles


#Uncomment to enable the settings
#gzip  on;

location / {
  # app1 reverse proxy follow
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header Host $host;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_pass https://10.0.2.7:443;
} 
} 
1 comment
  • The ssl_certificate directive of the second vhost has a space in the path - /etc/nginx/ssl/owncloud /owncloud.crt. May this was introduced when copy pasting it?

    Is the backend server (owncloud) at 10.0.2.7 also configured with an SSL certificate?

1 Answer
Have another answer? Share your knowledge.