I need redirect from tbot-test.ias.su:443 which receives HTTPS connection to 127.0.0.1:8443 that receives HTTP connection.
The backend (the service resides on 8443 port), listens http.
I have config file:
upstream botapi {
server 127.0.0.1:8443;
}
server {
listen 443 default ssl;
server_name tbot-test.ias.su;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_certificate /home/opshenichnikova/NetBeansProjects/bot-integrity/keystore.pem;
ssl_certificate_key /home/opshenichnikova/NetBeansProjects/bot-integrity/keystore.key;
ssl_verify_client off;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://botapi;
proxy_ssl_session_reuse off;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwared-For $proxy_add_x_forwarded_for;
}
}
But I get error:
2018/06/21 16:21:03 [error] 5193#5193: *21 SSL_do_handshake() failed
(SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol) while SSL handshaking to upstream, client: 74.82.47.3,
server: tbot-test.ias.su, request: "GET / HTTP/1.1", upstream:
"https://127.0.0.1:8443/", host: "176.74.9.174"
Best Answer
Your backend is running on a strange port number for non-SSL traffic, but so be it.
Change
to