For an SSL connection to be successful, there needs to be a full SSL handshake between server and client. This consumes a lot of CPU power.
If you’re using Nginx as the Apache reverse proxy, then you may encounter an error log file that reads:
This is a common Nginx error that shows how the localhost IP is receiving the request. Please note that if you’re using SSL, each host should have a dedicated IP address.
You can fix this error by following these steps:
If you’re using Nginx as the Apache reverse proxy, then you may encounter an error log file that reads:
Code:
[error] SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 0.0.0.0, server: www.domain.tld, request: “GET / HTTP/1.1”, upstream: “https://127.0.0.1:4343/”, host: “www.domain.tld”You can fix this error by following these steps:
- First thing to do is to make sure the Apache vHost or the site is responding on the non-standard port. Visit https://www.domain.tld:4343 to verify this
- If it loads, take note of the IP address within the <VirtualHost 0.0.0.0:4343> of SSL vHost. If it doesn’t, you can double-check the Apache Configuration.
- Now, head over to the Nginx SSL vHost configuration and take note of the ‘proxy_pass https://0.0.0.0:4343’. The IP address in here should match with the one you noted in the previous step.
