Fixing the Nginx Error When SSL Handshaking to Upstream

Fixing the Nginx Error When SSL Handshaking to Upstream

For an SSL connection to be successful, there needs to be a full SSL handshake between server and client. This consumes a lot of CPU power.

If you’re using Nginx as the Apache reverse proxy, then you may encounter an error log file that reads:

Code:
[error] SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 0.0.0.0, server: www.domain.tld, request: “GET / HTTP/1.1”, upstream: “https://127.0.0.1:4343/”, host: “www.domain.tld”
This is a common Nginx error that shows how the localhost IP is receiving the request. Please note that if you’re using SSL, each host should have a dedicated IP address.

You can fix this error by following these steps:
  • First thing to do is to make sure the Apache vHost or the site is responding on the non-standard port. Visit https://www.domain.tld:4343 to verify this
  • If it loads, take note of the IP address within the <VirtualHost 0.0.0.0:4343> of SSL vHost. If it doesn’t, you can double-check the Apache Configuration.
  • Now, head over to the Nginx SSL vHost configuration and take note of the ‘proxy_pass https://0.0.0.0:4343’. The IP address in here should match with the one you noted in the previous step.
Restart the server. The Nginx error should have resolved by now.
Author
kumkumsharma
Views
5,823
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from kumkumsharma

Top