
Nginx reverse proxy to Heroku fails SSL handshake


I was able to solve this today and wanted to post the solution in case others run into the same issue.

It turns out that the problem was related to SNI after all. I found this ticket on nginx.org:

https://trac.nginx.org/nginx/ticket/229

Which led me to the proxy_ssl_server_name directive:

http://nginx.org/r/proxy_ssl_server_name

By setting it to "on" in your config, you'll be able to proxy to upstream hosts using SNI.

Thanks to all who commented with suggestions!


As a note for others, a related condition that Heroku imposes is that the HOST field must match the custom domain name.

So in addition to proxy_ssl_server_name you may also want to set a line like:

proxy_set_header Host mycustomdomain.com;

Of course this only applies if the host field incoming into the server is different from the domain that your server resides in.

The specific error you get is:

SSL certificate error

There is conflicting information between the SSL connection, its certificate and/or the included HTTP requests.


Please try adding proxy_ssl_server_name on:

location ^~ /proxiedpath/ {
    proxy_ssl_server_name on;
}
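
The settings from the answers above, combined in one location block together with upstream certificate verification. This is an added example, not part of the original posts. The upstream name example-app.herokuapp.com, the front-end name proxy.example.com and the CA bundle path are assumptions; mycustomdomain.com and /proxiedpath/ come from the answers.

```nginx
# Added example (not from the original answers).
# Constructed values: proxy.example.com, example-app.herokuapp.com and the
# CA bundle path (the usual Debian/Ubuntu location; adjust for your system).
server {
    listen 80;
    server_name proxy.example.com;

    # Before: proxy_ssl_server_name defaults to off, so the TLS handshake
    # to the upstream carries no SNI and the upstream cannot select the
    # right certificate. This is the failing configuration:
    #
    # location ^~ /proxiedpath/ {
    #     proxy_pass https://example-app.herokuapp.com;
    # }

    # After:
    location ^~ /proxiedpath/ {
        proxy_pass https://example-app.herokuapp.com;

        # Send the server name in the TLS ClientHello (SNI). The name
        # sent is proxy_ssl_name, which defaults to the host part of
        # proxy_pass ($proxy_host).
        proxy_ssl_server_name on;

        # Host header the upstream application routes on. Without this
        # line nginx sends $proxy_host as the Host header.
        proxy_set_header Host mycustomdomain.com;

        # proxy_ssl_verify is off by default, which means nginx accepts
        # any certificate the upstream presents. Turning it on checks the
        # chain against the trusted bundle and the certificate name
        # against proxy_ssl_name.
        proxy_ssl_verify on;
        proxy_ssl_verify_depth 2;
        proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
    }
}
```

Check the file with nginx -t before reloading. A name or chain mismatch with verification enabled appears in the nginx error log as an upstream SSL certificate verify error.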