502 Bad Gateway nginx only for access with HTTPS

F

feerdispzoo

Verified User
Joined
Jan 17, 2022
Messages
189
Im spend now about 7 days on this and still i not found good solution for resolve this issue.

For node APP I can access from domain only with http:// when I try access from https then I get 502 Bad Gateway nginx .

proxy pass

|?PROXY_IP=my_server_ip|
|?PORT_8080=3000|
|?PORT_8081=3000|

I try make another test and access directly to app from server IP: when I try access:

http://my_server_ip:3000 then working

when I try access https://my_server_ip:3000 then

ERR_SSL_PROTOCOL_ERROR

Can anyone solve this? Unfortunately, I searched everything and found a very strange error.
 
since your node app does't support https protocol, you need to make change into nginx template and use the proxy_pass "http" only for both nginx server :80 and :443.
 
  1. Confirm that Nginx forwards HTTPS requests to your Node app using proxy_pass http://PROXY_IP:3000;
  2. Avoid using https:// in the proxy_pass directive as it can lead to connection errors.
  3. Enable HTTPS in your Node app using libraries like https or express-https.
  4. Use curl -v https://PROXY_IP:3000 from the Nginx server to verify communication with your Node app.
  5. Check for compatibility issues between Nginx and your Node app's SSL/TLS settings.
 
Yes, just make change to your apps. If your app can access via https, nginx can proxy_pass as https too.
 
@jamgames2 i Found one topic:
stackoverflow.com

Running Next.js in production on HTTPS

I cannot figure out how to set my next js project to run on HTTPS. I am using Next 12.3 and deploying on AWS EC2. I have my SSL sertificates and all ports are open. What should I do to run it like ...
stackoverflow.com stackoverflow.com

and now I check:


and now i think about your reply and make one test.

[root@server ~]# curl "http://localhost:3003"
response website OK
[root@server ~]# curl "https://localhost:3003"
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
[root@server ~]#

So do you think if localhost will be working in https, then domain proxy should also working with https?
 
yes, just make it as insecure. don't worry about ssl.

for curl test you might need "-k" flag, to allow insecure connnection.
 
@jamgames2 now i make some test base on your replies, and now result is:

I totally disabled CloudFlare for first resolve issue in server, and now I can access correct to node app from domain with http and working.

but when I try access with https:// then i not have now 502 bad gateway but i have only

webserver is functioning normally without see app:

1705580558218.png


I use your tip for proxy pass, so now looks like my app is not available under "https" ? If yes, i research most of topics in network, and there is no information about "run nextjs under https". Always are running node app in standard and then proxy pass both http and https and should working in both, but in my case not working and im not sure what is goin wrong.
 
in your case, you proxy_pass with "https", but your node app doesn't support "https" protocol.

I already mention in my reply #5.
Full custom template to proxy_pass as "http" protocol or work hard to make https protocol to work correctly on your node app.
 
Ok so for summary:

  1. server
  2. {
  3. listen my_server_ip:443 ssl http2;
  4. ....
  5. ...
  6. location /
  7. {
  8. # access_log off;
  9. proxy_buffering off;
  10. proxy_pass https://my_server_ip:3006;
  11. proxy_set_header X-Client-IP $remote_addr;
  12. proxy_set_header X-Accel-Internal /nginx_static_files;
  13. proxy_set_header Host $host;
  14. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  15. proxy_hide_header Upgrade;


Because app is also not accesable with https://my_server_ip:3006 so i Cant proxy_pass im right, and now i should also for 443 set proxy_pass with http (remove https)
  1. http://my_server_ip:3006;

im right?


If yes, maybe do you know how can I change this in this way ?


OR

change proxy_pass from server ip to localhost and then make node app working also in https for localhost im right ? Then if i can access to node via http://localhost:3006 then i can also then proxy pass
  1. proxy_pass https://localhost:3006

im not sure if I correct undestand this. Thanks for confirmation.
 
yes, you need to make full custom change template

Customizing NGINX | Directadmin Docs

DirectAdmin Knowledge Base
docs.directadmin.com

just make change on "*_secure" template only

add this code to first line of template
Code: 
|?CUST_PROXY_PROTO=https|

find and replace on line "proxy_pass"
Code: 
proxy_pass |CUST_PROXY_PROTO|://|PROXY_IP|:|PORT_8081|;

then save and close editor.

After this, goto DA Panel "Custom HTTPD Configurations" to custom nginx.
Code: 
|?CUST_PROXY_PROTO=http|
|?PROXY_IP=my_server_ip|
|?PORT_8080=3000|
|?PORT_8081=3000|

save and rewrite virtualhost.

this will not breaking on normals website that's doesn't use node app. it cover with template variable.
 
@jamgames2 working!!!!!!!! Thank you very much for your help. In my life without you, I wouldn't find a solution, maybe in a month or later... Thanks..!
 
You must log in or register to reply here.
Back
Top