503 Service Unavailable | The plain HTTP request was sent to HTTPS port

@albanosdes wrote:

Hello there. I’m in need of a reverse proxy, using only HTTPS.

I have my VM-HaProxy on 192.168.10.5
and my VM-Git with a web interface (Gogs), with NGINX listening to 443 with let’s encrypt crt which has been validated.

I’m only using HTTPS, always rewriting http to https.

The thing is, i’m getting a 400 error (The plain HTTP request was sent to HTTPS port) with the backend line :
server vm-git 192.168.10.11:443 weight 1 maxconn 8192
And a 503 Service Unavailable with the backend line :
server vm-git 192.168.10.11:443 weight 1 maxconn 8192 check ssl verify none

I went to a lot of forums searching for a solution, but found none.

My Iptables rules are OK :
#HTTP, HTTPS
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT

Debian 8.9 64bits
HA-Proxy version 1.5.8 2014/10/31

haproxy.cfg :

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
    # Default SSL material locations
    # ca-base /etc/ssl/certs
    # crt-base /etc/ssl/private

    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
option forwardfor except 127.0.0.0/8
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http

############################################

frontend https-in
bind 192.168.10.5:443 ssl crt /etc/haproxy/cert/gogs.pem
acl gogs hdr(host) gogs.imperial-legion.fr
use_backend backendgogs if gogs
default_backend backendgogs

############################################

backend backendgogs
option httpchk
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server vm-git 192.168.10.11:443 weight 1 maxconn 8192
#server vm-git 192.168.10.11:443 weight 1 maxconn 8192 check ssl verify none

Posts: 2

Participants: 1

Read full topic

503 Service Unavailable | The plain HTTP request was sent to HTTPS port

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

Ominde Commission Report and Recommendations – Ominde Report of 1964

Bureau of Internal Revenue: Regional Offices (Directory)

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

Mp3 Download: Mdu - Kunjenjenjena

How the kill the job , when DTP request running for long hours.

Microsoft Intune から展開しているアプリのアップデートについて

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

Car crash in Dunton Bassett leaves driver in critical condition

Macky 2, Two Others In Road Accident

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

Detroit mafia: D’Anna Brothers agree to plea deal

Delivery block field greyed out using VA02

Muloraki Au

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出ｗ【リベンジポルノ】＠PornHub

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

FIAT 500 B0111 B0112