Problem with proxy forward

  • I really like the proxy forward option for a subdomain, to reach addresses with ports other than 80 over connections that only permit port 80. Since version 1,4.7 it works for me - but only on some forwards.


    There are other forwards that don't work, although the entered forwarding address is correct and can be reached. I get an error 503. From the log:


    Code
    1. [Fri Jul 28 14:56:26.742497 2017] [proxy:error] [pid 28349:tid 140498503657216] [client my.ip.address:60914] AH00898: Error during SSL Handshake with remote server returned by /
    2. [Fri Jul 28 14:56:26.742503 2017] [proxy_http:error] [pid 28349:tid 140498503657216] [client my.ip.address:60914] AH01097: pass request body failed to destination.ip.address:5001 (myaddress.gotdns.org) from my.ip.address ()

    What could be the cause of this misfunction?


    Thx for helpful hints
    Chris


    Debian 8.9 (Jessie)
    I-MSCP 1.4.7 PHP-FPM
    LetsEncrypt 3.3.0

  • The problem is clearly stated in logs, that is: An SSL problem.


    As I see, you try to reach your remote host through SSL connection, using an address IP (my.ip.address:60914). For sure, that IP address is no part of the subject alternative names in the SSL certficate that is set for the remote server.


    You can try to solve the problem at the apache level, by adding the SSLProxyCheckPeerCN off directive inside the /etc/apache2/sites-available/00_nameserver.conf file, below the SSLProxyVerify none directive. Once done, restart Apache and try again.


    See also: https://stackoverflow.com/ques…dshake-with-remote-server

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206