Question

Nginx - Reverse proxy - 502 BAD GATEWAY (Only with HTTPS:// )

Posted July 19, 2015 63.2k views
Nginx Server Optimization

I am trying to make a reverse proxy server with Nginx, i have a Proxy (for HTTP) and a Proxy-SSL (For HTTPS)

I have some problems with the Proxy-SSL (HTTPS)
I am getting a bad gateway 502 error when i am trying to connect to https://owncloud.example.eu

but when i use https for my example.eu site then everything is working flawless

the backend servers are LAMP'server

The logs are empty.

server {
listen 443 ssl;
server_name example.eu;


ssl on;
    ssl_certificate         /etc/nginx/ssl/wordpress/wordpress.crt;
    ssl_certificate_key     /etc/nginx/ssl/wordpress/wordpress.key;
    #ssl_trusted_certificate /etc/nginx/ssl/path/ca-certs.pem;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   # don't use SSLv3 because of killer poodles


#Uncomment to enable the settings
#gzip  on;

location / {
 # app1 reverse proxy follow
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Host $host;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_pass https://10.0.2.5:443;
}  
}

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#  #  #  #  #  #  #   #  Webserver 2  #  #  #  #  #  #  #  #  #  #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

server {
listen 443 ssl;
server_name owncloud.example.eu;


 ssl on;
     ssl_certificate         /etc/nginx/ssl/owncloud  /owncloud.crt;
     ssl_certificate_key     /etc/nginx/ssl/owncloud/owncloud.key;
     #ssl_trusted_certificate /etc/nginx/ssl/path/ca-certs.pem;
     ssl_ciphers  HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers  on;
     ssl_session_cache    shared:SSL:1m;
     ssl_session_timeout  5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   # don't use SSLv3 because of killer poodles


#Uncomment to enable the settings
#gzip  on;

location / {
  # app1 reverse proxy follow
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header Host $host;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_pass https://10.0.2.7:443;
} 
} 
1 comment
  • The ssl_certificate directive of the second vhost has a space in the path - /etc/nginx/ssl/owncloud /owncloud.crt. May this was introduced when copy pasting it?

    Is the backend server (owncloud) at 10.0.2.7 also configured with an SSL certificate?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
Submit an Answer