Error while connecting to apache from nginx running on same machine

Hi,

I have an LB setup with nginx for an SSL-enabled website. It will be
listening on port 443. For some requests, I need to proxy them to Apache
running on port 7443 on the same machine. But when I send the request,
it tries to forward it to Apache and gets a 500 error. I checked
the logs in Apache, where there is nothing logged in ssl-error_log
(which logs all the errors happening while transferring https requests),
but the error_log (which logs all the errors happening while
transferring http requests) was showing a message like [error] Hello

But if I pass it to Apache running on 7443 on some other machine, it
works fine.

So, I think there is some problem while handshaking between nginx and
Apache running on different ports on the same machine. Can someone
please assist me with how to resolve this… Thanks in advance…

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,227341,227341#msg-227341

Show us the relative config parts, we’re just guessing without it.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,227341,227371#msg-227371

Hi,
This is our nginx configuration setup.


http {
    include mime.types;

    gzip  on;
    gzip_http_version   1.1;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types       text/plain application/xml text/css
                     application/x-javascript text/xml application/javascript
                     text/javascript;
    gzip_disable "MSIE [1-6].";

    autoindex off;
    ssi off;
    server_tokens off;

    log_format  main  '$remote_addr [$time_local] - "$request" - '
                      '$status - $body_bytes_sent - "$http_referer"';

    log_format lb_log '$remote_addr [$time_local] - "$request" - $status - '
                      'worker_addr $upstream_addr - '
                      'worker_status $upstream_status - '
                      'worker_response_time $upstream_response_time - '
                      'total_processing_time $request_time - '
                      'content_type $upstream_http_content_type';

    log_format doc_log '$remote_addr [$time_local] - "$request" - $status - '
                       'worker_addr $upstream_addr - '
                       'worker_status $upstream_status - '
                       'worker_response_time $upstream_response_time - '
                       'total_processing_time $request_time - '
                       'content_type $upstream_http_content_type';

    access_log logs/access.log main;
    error_log logs/error.log;

    sendfile on;
    keepalive_timeout 60;

    proxy_ssl_session_reuse on;

    upstream loadbalancer {
        server server1-ip:443 weight=1 max_fails=5 fail_timeout=3m;
        server server2-ip:443 weight=1 max_fails=5 fail_timeout=3m;
    }
    upstream docproxy {
        server 127.0.0.1:7443;
    }

    server {
        listen 443 ssl;
        server_name lb.abcd.net;

        location ~ ^/documents/(.*)(jpg|jpeg|gif|png|txt|pdf|html|htm){
            root   /home;
            access_log logs/doc_access.log doc_log;
        }

        location ~* ^.+.(jpg|jpeg|gif|png|ico|css|txt|js)$ {
            expires 24h;
            add_header Cache-Control public;
            root   media;
        }

        ssl_certificate /root/Apache_New_SSL_Keys/lendingstream.co.uk.crt;
        ssl_certificate_key /root/Apache_New_SSL_Keys/lendingstream.key.nopass;
        ssl_session_timeout 3m;
        ssl_protocols SSLv3;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        proxy_redirect / /;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_read_timeout 360s;

        location ~ ^/documents/ {
            proxy_pass https://docproxy;
            access_log logs/doc_access.log doc_log;
        }
        location / {
            proxy_pass https://loadbalancer;
            access_log logs/lb_access.log lb_log;
        }

        error_page  403 /403.html;
        error_page  404 /404.html;
        error_page   500 502 503 504  /500.html;

        location ~ ^/(403.html|404.html|500.html)$ {
            root html;
        }
    }
}


Here, we will forward all the requests except documents to LB, which in
turn send to either server1 or server2. The document related requests
will be proxy forwarded to apache running in the same machine at 7443
port. But, here comes the problem that when it is sending any request to
apache it is giving 500 error. In apache logs, it’s been logged as
[error] Hello. The apache configurations are:

httpd.conf is,

ServerRoot "/usr/local/apache2"
PidFile logs/httpd.pid
Listen 80
ServerTokens ProductOnly
ServerSignature Off

Loaded all modules which are required

LoadModule *****.so

Loaded all modules which are required

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User USER
Group GROUP

DocumentRoot "/usr/local/apache2/htdocs"

Options -Indexes +FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all

<Directory "/usr/local/apache2/htdocs">
Options -Indexes +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all

ErrorLog “logs/error_log”
LogLevel notice

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

<VirtualHost *:80>
Alias /documents /home/documents
<Directory /home/documents>
Order deny,allow
Allow from all

WSGIScriptAlias / apache/django.wsgi
<Directory "apache">

Order allow,deny
Allow from all


and the httpd-ssl.conf is,

LoadModule ssl_module modules/mod_ssl.so
LoadModule wsgi_module modules/mod_wsgi.so

Listen 7443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog builtin

SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 15
SSLMutex "file:/usr/local/apache2/logs/ssl_mutex"

– proxy_pass https://docproxy;
Points to 443,

Yet the upstream wants 7443…
– upstream docproxy {
– server 127.0.0.1:7443;
– }

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,227341,227424#msg-227424

Hey, I found the problem… anyway, thank you very much…

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,227341,227437#msg-227437
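
The thread ends without saying what the problem was. One check that fits the symptom described in the first post (Apache logging to error_log rather than ssl-error_log) is whether the listener at 127.0.0.1:7443 speaks TLS at all, which `proxy_pass https://docproxy` requires. The following is an added example, not code from any of the posters; `probe_listener` is a hypothetical helper name.

```python
import socket
import ssl


def probe_listener(host, port, timeout=3.0):
    """Classify host:port as 'tls', 'plaintext-http',
    'tls-handshake-failed' or 'closed'."""
    # Certificate checks are off on purpose: the only question here is
    # whether the port speaks TLS at all, not whether the backend is trusted.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"
    try:
        with ctx.wrap_socket(raw, server_hostname=host):
            return "tls"
    except OSError:  # ssl.SSLError and handshake timeouts are OSErrors
        pass
    finally:
        raw.close()

    # The handshake failed, so open a second connection and speak plain
    # HTTP. A reply starting with "HTTP/" means an HTTP server answered
    # the cleartext request; read its status line before concluding that
    # the listener has no TLS, since some TLS ports also answer with an
    # error page.
    try:
        with socket.create_connection((host, port), timeout=timeout) as plain:
            plain.sendall(b"HEAD / HTTP/1.0\r\n\r\n")
            reply = plain.recv(64)
    except OSError:
        reply = b""
    if reply.startswith(b"HTTP/"):
        return "plaintext-http"
    return "tls-handshake-failed"


if __name__ == "__main__":
    # Address taken from the "upstream docproxy" block in the posted config.
    print(probe_listener("127.0.0.1", 7443))
```

Run it on the nginx machine itself, so the probe takes the same loopback path that nginx uses for the `docproxy` upstream.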