Nginx - Upstream SSL - peer closed connection in SSL handshake

前端 未结 6 2036
失恋的感觉
失恋的感觉 2021-02-14 03:26

I am getting this error:

Error frontend: 502 Bad gateway

99.110.244:443

2017/09/28 13:03:51 [error] 34080#34080: *1062 peer closed

相关标签:
6条回答
  • 2021-02-14 03:43

    Here is what worked for me. I had a server section with server_name setup with a wildcard search and had to do the following in the location section:

    proxy_ssl_name $host;
    proxy_ssl_server_name on;
    proxy_pass https://istio-ingress-gateway
    
    0 讨论(0)
  • 2021-02-14 03:44

    Adding this line after the proxy_pass worked for me.

    proxy_ssl_server_name on;

    Before that I did this from here

    In REDHAT 7/ CentOS 7/ Oracle Linux 7: Install the certificate in your enviroment.

    1. Download Active PEM certificate from: https://letsencrypt.org/certificates/ in /etc/pki/ca-trust/source/anchors
    2. Execute: sudo update-ca-trust

    Not sure if those last 2 steps needed, but doing both worked for me.

    Cheers,

    0 讨论(0)
  • 2021-02-14 03:49

    I had had this issue and I had to this to my location block

    proxy_ssl_name your.proxiedserver.name; proxy_ssl_server_name on;

    0 讨论(0)
  • To improve the other answer I would say that

    upstream is really important

    For simple redirect from one domain into another just use this:

    http {
    ....
    upstream someserver {
            server your.domain.name.com:443;
    }
    
    location / {
       proxy_pass https://someserver;
    }
    
    }
    
    0 讨论(0)
  • 2021-02-14 04:04

    Change your upstream to use the IP

    upstream webshop_domain_be {
            server <IP>:443;
    }
    

    And then change your proxy_pass block to

    location / {
       proxy_ssl_session_reuse off;
       proxy_ssl_server_name "webshop.domain.be";
       proxy_pass $scheme://webshop_domain_be;
    }
    

    If the above doesn't work then add proxy_ssl_server_name on; also to the config

    0 讨论(0)
  • 2021-02-14 04:10

    i use this @nginx

    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 1h;
    ssl_buffer_size 4k;
    

    with

    grep worker_processes /etc/nginx/nginx.conf
    worker_processes auto; <<<-- auto not the default value "1"
    
    0 讨论(0)
提交回复
热议问题