3

I need redirect from tbot-test.ias.su:443 which receives HTTPS connection to 127.0.0.1:8443 that receives HTTP connection.

The backend (the service resides on 8443 port), listens http.

I have config file: 

upstream botapi { server 127.0.0.1:8443; } server { listen 443 default ssl; server_name tbot-test.ias.su; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_certificate /home/opshenichnikova/NetBeansProjects/bot-integrity/keystore.pem; ssl_certificate_key /home/opshenichnikova/NetBeansProjects/bot-integrity/keystore.key; ssl_verify_client off; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers RC4:HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass https://botapi; proxy_ssl_session_reuse off; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwared-For $proxy_add_x_forwarded_for; } }

But I get error:

2018/06/21 16:21:03 [error] 5193#5193: *21 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 74.82.47.3, server: tbot-test.ias.su, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:8443/", host: "176.74.9.174"

Improve this question
2
  • "to 127.0.0.1:8443 tat receives HTTP" Does botapi run http or https? Commented Jun 21, 2018 at 13:36
  • The backend (the service resides on 8443 port), listens http. Commented Jun 21, 2018 at 13:41

1 Answer 1

Reset to default
4

Your backend is running on a strange port number for non-SSL traffic, but so be it.

Change

proxy_pass https://botapi

to

proxy_pass http://botapi
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.