does anyone know why am I getting this problem? Basically the connection closes by itself because of dynamic proxy_pass. This is my nginx config.
error from log :
2022/08/25 19:45:28 [error] 14208#0: *13 peer closed connection in SSL handshake (104: Connection reset by peer) while SSL handshaking to upstream, client:
pcre_jit on;
worker_processes 8;
events {
worker_connections 8192;
accept_mutex on;
#accept_mutex_delay 10ms;
multi_accept on;
}
http {
resolver 8.8.8.8 ipv6=off;
error_log /var/log/nginx/nginx_error.log debug;
log_format custom '$remote_addr - $remote_user [$time_local] ';
include mime.types;
default_type application/octet-stream;
server {
listen 443 ssl http2;
add_header Accept-Encoding "";
proxy_set_header Accept-Encoding "";
proxy_intercept_errors on;
recursive_error_pages on;
server_tokens off;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
gzip off;
location / {
resolver 1.1.1.1 ipv6=off;
set_by_lua_block $ip {
return '1.1.1.1'
}
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_hide_header X-Powered-By;
proxy_hide_header X-Nextjs-Cache;
proxy_cache_key "$scheme$request_method$host$request_uri$is_args$args";
proxy_cache_revalidate on;
proxy_ssl_server_name on;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
proxy_ssl_name $host;
proxy_ssl_verify off;
proxy_ssl_session_reuse on;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
add_header X-XSS-Protection "1; mode=block";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy "strict-origin";
add_header Access-Control-Allow-Origin *;
add_header Content-Security-Policy upgrade-insecure-requests;
proxy_pass https://$ip;
ssl_certificate /var/www/nnn/cert.pem;
ssl_certificate_key /var/www/nnn/cert.key;
}
}
0 Answers