Need help trouble shooting Https webserver error - SSL Handshake failed
I followed this guide: http://hints.macworld.com/article.php?story=20041129143420344
Here is my virtual host definition
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine On
RequestHeader set Front-End-Https "On"
CacheDisable *
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
DocumentRoot "/Users/me/projects/myproject/public"
ServerName ssl.mydomain.com
ServerAlias *.ssl.mydomain.com
SSLCertificateKeyFile "/private/etc/apache2/certs/webserver.nopass.key"
SSLCertificateFile "/private/etc/apache2/certs/newcert.pem"
SSLCACertificateFile "/private/etc/apache2/certs/demoCA/cacert.pem"
SSLCARevocationPath "/private/etc/apache2/certs/demoCA/crl"
ErrorLog "/Users/me/Desktop/ssl.log"
ProxyPass / https://localhost:3002/
ProxyPassReverse / https://localhost:3002
ProxyPreserveHost on
</VirtualHost>
And when I try connecting to the sevre viov the web browser, I get this error:
[Thu Feb 02 16:50:40 2012] [error] (502)Unknown error: 502: proxy: pass request body failed to 127.0.0.1:3002 (localhost)
[Thu Feb 02 16:50:40 2012] [error] [client 96.11.81.39] proxy: Error during SSL Handshake with remote server returned by /session/new
[Thu Feb 02 16:50:40 2012] [error] proxy: pass request body failed to 127.0.0.1:3002 (localhost) from 96.11.81.39 ()
how do I debug / fix this?
Solution 1:
To add to vbartoni's answer, it seems that from Apache 2.4 and up, there are different defaults and a new directive.
I am running Apache 2.4.6, and I had to add the following directives to get it working:
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
Solution 2:
I had a similar problem (the same error logs), except that the proxy was forwarding https traffic to another host.
Since I was lazy and the hosts are in my own isolated network, these directives solved the problem:
SSLProxyVerify none
SSLProxyCheckPeerCN off