
SSL sites receive 502 Bad Gateway when nginx is enabled

BoiseComputer

When I turn on nginx for the server I am able to browse non SSL protected sites correctly. I receive a 502 Bad Gateway error on any sites that have an SSL certificate. Is there a fix for this? I have been unable to find one.

I am running Plesk 12 on an Ubuntu server.
 
I have gotten all but one of my SSL sites to work. It seems for that domain the files/symlinks are not the same as on one of my other SSL sites. I am thinking I might delete that user/domain and re-upload the files and recreate the database to see if it fixes the issue. I have tried rebuilding the config files with the extension and reconfiguring the domain from the command line. Once I get this one site fixed I will finally be able to use nginx.
 
I'd plain check nginx.conf in the https-section and compare to http-section - same for Apache. Educated guess without info: the Apache-https in that domain's vhost is configured incorrectly (fast fix: clone site to another; delete that customer site incl. the domain; clone back to the original site - I know, but that's Plesk logic ;) ).
 
I fixed it.
I added the following at the end of the file vhosts_ssl.conf in the conf folder for each domain that wouldn't pull up correctly.
Code:
SSLHonorCipherOrder On
SSLProtocol all -SSLv2
SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AEDH:!AESGCM
SSLInsecureRenegotiation off
 
Hi BoiseComputer,

Your current modifications are vulnerable and NGINX SSL/TLS renegotiation is disabled since "nginx 0.8.23" ( 11.11.2009 ).
Some of your domains on your server IP don't even have a valid SSL certificate ( false configurations or certificates pointing to ssl2000.cloudflare.com ). You might want to check your configurations on https://www.ssllabs.com/ssltest/
 
Thanks for pointing that out UFHH01. I found out that the "Run As User" was causing errors with SSL on NGINX. I disabled that on the accounts and the secure ciphers and protocols now work correctly. The cloudflare.com SSL is hybrid between the user and cloudflare. The others should be normal SSL now. Feel free to let me know if you see any other issues.
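
Added example, not part of the thread and not Plesk or Apache tooling: a small Python check that reads directives like the ones posted for vhosts_ssl.conf and reports legacy protocols left enabled, weak cipher keywords such as RC4, and the exclusion of AES-GCM suites. The function names, the modelled expansion of `all`, and the STRICTER sample are assumptions made for illustration.

```python
import re

# Assumption: "all" depends on the Apache/OpenSSL build; modelled here as this set.
ALL_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3"}
WEAK_CIPHER_PARTS = {"RC4", "MD5", "DES", "3DES", "NULL", "ANULL", "ENULL", "EXP", "EXPORT", "LOW"}

def enabled_protocols(args):
    """Simplified model of SSLProtocol: +X adds, -X removes, a bare X replaces."""
    canon = {p.lower(): p for p in ALL_PROTOCOLS}
    enabled = set()
    for arg in args:
        sign, name = (arg[0], arg[1:]) if arg[:1] in ("+", "-") else ("", arg)
        group = set(ALL_PROTOCOLS) if name.lower() == "all" else {canon.get(name.lower(), name)}
        if sign == "-":
            enabled -= group
        else:
            enabled = enabled | group if sign == "+" else group
    return enabled

def audit_ssl_directives(conf_text):
    """Return (directive, message) findings for one vhost SSL snippet."""
    findings = []
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments, split into words
        if len(words) < 2:
            continue
        name, args = words[0].lower(), [w.strip("\"'") for w in words[1:]]
        if name == "sslprotocol":
            for proto in sorted(enabled_protocols(args) & LEGACY_PROTOCOLS):
                findings.append(("SSLProtocol", f"{proto} still enabled"))
        elif name == "sslciphersuite":
            for token in re.split(r"[:, ]+", args[-1]):
                parts = {p.upper() for p in re.split(r"[+-]", token.lstrip("!+-"))}
                if token.startswith(("!", "-")):  # token removes ciphers
                    if "AESGCM" in parts:
                        findings.append(("SSLCipherSuite", f"{token} removes AES-GCM suites"))
                elif parts & WEAK_CIPHER_PARTS:   # token adds ciphers
                    findings.append(("SSLCipherSuite", f"{token} enables weak ciphers"))
        elif name == "sslinsecurerenegotiation" and args[0].lower() == "on":
            findings.append(("SSLInsecureRenegotiation", "insecure renegotiation allowed"))
    return findings

# POSTED: the directives from the thread. STRICTER: a constructed variant for comparison.
POSTED = ("SSLHonorCipherOrder On\nSSLProtocol all -SSLv2\nSSLCipherSuite ECDHE-RSA-AES256-SHA384:"
          "AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AEDH:!AESGCM\nSSLInsecureRenegotiation off\n")
STRICTER = "SSLProtocol all -SSLv2 -SSLv3\nSSLCipherSuite HIGH:!aNULL:!MD5:!RC4\n"

if __name__ == "__main__":
    print(*audit_ssl_directives(POSTED), sep="\n")
```

The check only reads the three directives shown; a scan such as the SSL Labs test linked above remains the way to confirm what a live server actually negotiates.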
 