nginx with proxy protocol , ssl handshake failed

Question

Hello everyone ,

I have a nginx webserver behind DO Loadbalance I have around 12 domains in my webserver some domains direct to Loadbalnce’s IP directly and other redirect to it via cloudflare
recently I faced a problem to get client’s Real IP for domain that redirect to the server directly without cloudflare .

I search on this issue and I found that I have to enable Proxy Protocol on the LoadBalance then I have to configure the nginx to accept Proxy Protocol

I follow this tutorial

https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/#configuring-nginx-to-accept-the-proxy-protocol

and I got it done .

but if I add this directive to domain’s nginx configure files

listen 80 proxy_protocol;

all other domains on cloudflare got error ssl handshake failed and not working

how to get proxy_protocol directive work without effect on other domains ?

thank you so much .

Answer 1

bobbyiliev January 6, 2020

Hello,

It sounds like that you’ve managed to fix the first part but now there is an issue with the Cloudflare SSL. What I could suggest here is trying to change your CloudflareSSL from Full to Flexible.

For more information about the difference, you could take a look at the official Cloudflare documentation here:

Cloudflarettps://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options#h_4e0d1a7c-eb71-4204-9e22-9d3ef9ef7fef

Hope that this helps!
Regards,
Bobby

Reply Report

Related

Question

nginx with proxy protocol , ssl handshake failed

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

nginx with proxy protocol , ssl handshake failed

Related

Leave a comment

Related

question

nginx load balancing for two servers host images

question

Nginx as load balancer in front of ... nginx?

question

How to add a new cipher to Nginx?

question

How do I get all real ip?

Looking for something else?