Fix "SSL_do_handshake() failed" in nginx reverse-proxy

In nginx reverse-proxy, when the upstream server relies on SNI, the reverser-proxy may return 502 by follow error:
```
*10 SSL_do_handshake() failed (SSL: error:0A000410:SSL routines::sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream, client: 172.19.0.1, server: example.host, request: "GET /.well-known/matrix/client HTTP/2.0", upstream: "https://<ip>/.well-known/matrix/client", host: "<domain>"
```
This problem often arises when the upstream server is behind the CDN, setting `proxy_ssl_server_name` to `on` will solve it.
This commit is contained in:
Curious 2023-12-22 07:44:34 +08:00 committed by GitHub
parent 8051fd7012
commit a4c3bedf4b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -123,6 +123,7 @@ server {
location /.well-known/matrix { location /.well-known/matrix {
proxy_pass https://matrix.example.com/.well-known/matrix; proxy_pass https://matrix.example.com/.well-known/matrix;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_ssl_server_name on;
} }
# other configuration # other configuration