• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

SSL sites receive 502 Bad Gateway when nginx is enabled

BoiseComputer

BoiseComputer

Regular Pleskian
When I turn on nginx for the server I am able to browse non SSL protected sites correctly. I receive a 502 Bad Gateway error on any sites that have an SSL certificate. Is there a fix for this? I have been unable to find one.

I am running Plesk 12 on an Ubuntu server.
 
I have gotten all but one of my SSL sites to work. It seems for that domain the files/symlinks are not the same as on of my other SSL sites. I am thinking I might delete that user/domain and re-upload the files and recreate the database to see if it fixes the issue. I have tried rebuilding the config files with the extension and reconfiguring the domain from the command line. Once I get this one site fixed I will finally be able to use nginx.
 
BoiseComputer said:
I have gotten all but one of my SSL sites to work. It seems for that domain the files/symlinks are not the same as on of my other SSL sites. I am thinking I might delete that user/domain and re-upload the files and recreate the database to see if it fixes the issue. I have tried rebuilding the config files with the extension and reconfiguring the domain from the command line. Once I get this one site fixed I will finally be able to use nginx.
Click to expand...
Id plain check nginx.conf in the https-section and compare to http-section - same for Apache. Educated guess without info: the Apache-https in that domain's vhost is configured incorrectly (fast fix: clone site to another; delete that customer site incl. the domain; clone back to the original site - I know, but thats Plesk logic ;) ).
 
I fixed it.
I added the following at the end of the file vhosts_ssl.conf in the conf folder for each domain that wouldn't pull up correctly.
Code: 
SSLHonorCipherOrder On
SSLProtocol all -SSLv2
SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AEDH:!AESGCM
SSLInsecureRenegotiation off
 
Hi BoiseComputer,

your current modifications are vulnerable and NGINX SSL/TLS renegotiation is disabled since "nginx 0.8.23" ( 11.11.2009 ).
Some of your domains on your server ip even don't have a valid SSL certificate ( false configurations or certificates pointing to ssl2000.cloudflare.com ). You might want to check your configurations on https://www.ssllabs.com/ssltest/
 
Thanks for pointing that out UFHH01. I found out that the "Run As User" was causing errors with SSL on NGINX. I disabled that on the accounts and the secure ciphers and protocols now work correctly. The cloudflare.com SSL is hybrid between the user and cloudflare. The others should be normal SSL now. Feel free to let me know if you see any other issues.
 
You must log in or register to reply here.

Similar threads

D
Issue 502 Bad Gateway - New Install - Restored from Backup
Replies
10
Views
628
MartinT
M
Mario Chamorro
Input Webmail 502 Bad Gateway
Replies
0
Views
1K
Mario Chamorro
Mario Chamorro
A
Issue 502 Bad Gateway nginx - have not changed anything
Replies
3
Views
1K
The 8th
The 8th
A
Issue 502 Gateway error with HTTP POST Requests but not GET requests
Replies
3
Views
1K
Maarten
M
S
Question How can I make my changes to Nginx site config Permanent per site?
Replies
3
Views
199
Raul A.
R
Back
Top