在尝试使用 Nginx 反向代理使用了 Cloudflare 的站点时,报错 502 Bad Gateway,Nginx 的设置很简单,差不多就如下

proxy_pass https://CloudflareIP;
proxy_set_header Host $host;

奇怪的是,这样的配置对大部分网站都没问题,只有 Cloudflare 会报错。于是,查看 Nginx 日志,发现如下错误:

SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream

一番搜索后,有了办法,只需要在之前的基础上添加如下设置:

proxy_ssl_server_name on;

via.https://www.zhiin.net/YwWQ4TWGHX/

 

参考:

https://stackoverflow.com/questions/38375588/nginx-reverse-proxy-to-heroku-fails-ssl-handshake

https://stackoverflow.com/questions/25329941/nginx-caching-proxy-fails-with-ssl23-get-server-hellosslv3-alert-handshake-fail/25330027#25330027

https://community.cloudflare.com/t/reverse-proxy-infront-of-cloudflare/33972

https://github.com/alibaba/tengine/issues/1014

 

https://stackoverflow.com/questions/38931468/nginx-reverse-proxy-error14077438ssl-ssl-do-handshake-failed

最后修改:2019 年 12 月 14 日 10 : 40 PM