HTTP access not working from Chrome, only HTTPS

Hi, people.

I 'm trying to publish IBM Connections by NGINX allowing access using
both
HTTP and HTTPS . By HTTPS is working but when I try to access by HTTP I
get
this error in Google Chrome only:

This XML file does not appear to have any style information associated
with
it. The document tree is shown below.

403

You are not authorized to perform the requested action.


In Firefox there is no error message , but the page does not load
correctly
. In Internet Explorer it opens normally. Internally it works in any
browser. I believe I need some additional configuration in Nginx. My
code
is:

upstream connections.domain.com {
server 172.16.0.83:443 weight=100000; #LAN/Connections address
server 172.16.0.83:80;
}
server {
listen 172.17.0.14:80; #DMZ/NGINX
address
listen 172.17.0.14:443 default ssl;
server_name connections.domain.com;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_certificate /etc/nginx/ssl/connections.cer;
ssl_certificate_key /etc/nginx/ssl/connections.pem;
ssl_verify_client off;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://connections.domain.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_next_upstream timeout;
}
}

In the Nginx log file, I saw these messages when trying to access from
Google Chrome:

“POST /homepage/j_security_check HTTP/1.1” 403 161
http://connections.domain.com/homepage/login/” “Mozilla/5.0 (Windows NT
6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124
Safari/537.36” “-”

SSL_do_handshake() failed (SSL: error:140770FC:SSL
routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking
to
upstream, client: 179.213.15.12, server: connections.domain.com,
request:
“GET /homepage HTTP/1.1”, upstream: “https://172.16.0.83:80/homepage”,
host:
connections.domain.com

Any help will be appreciated. If you need aditional information, please
ask.
Thanks you in advance.

Posted at Nginx Forum:

It would be helpful if you can share a copy of the HTTPS tcpdump on the
serverside.

thanks,

-B