Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    You're speaking plain HTTP to an SSL-enabled server port

    Scheduled Pinned Locked Moved Cache/Proxy
    13 Posts 5 Posters 3.2k Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V Offline
      viragomann @tomasenskede
      last edited by

      @tomasenskede
      Not clear, why you have set up two backends, one to port 80 and one with 443.
      However, if the backend server is accessed on port 443, it would expect an SSL-request using HTTPS.
      To enable it in the HAproxy backend, check "Encrypt(SSL)".

      T 1 Reply Last reply Reply Quote 0
      • T Offline
        tomasenskede @viragomann
        last edited by tomasenskede

        @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

        @tomasenskede
        Not clear, why you have set up two backends, one to port 80 and one with 443.
        However, if the backend server is accessed on port 443, it would expect an SSL-request using HTTPS.
        To enable it in the HAproxy backend, check "Encrypt(SSL)".

        I don’t have two backends, I just tested with two different setting, port 80 and 443 with same result… but not at the same time.

        V 1 Reply Last reply Reply Quote 0
        • V Offline
          viragomann @tomasenskede
          last edited by

          @tomasenskede
          Is the backend even accessible via http on port 80, or does it redirect any access to https?

          As mentioned above, when using port 443 you need to access it via https, so "Encrypt(SSL)" must be checked, and the server has to provide an SSL certificate.

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            tomasenskede @viragomann
            last edited by

            @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

            @tomasenskede
            Is the backend even accessible via http on port 80, or does it redirect any access to https?

            As mentioned above, when using port 443 you need to access it via https, so "Encrypt(SSL)" must be checked, and the server has to provide an SSL certificate.

            d71a0d69-444e-4b60-a501-8e645c742e6d-image.png

            then I get this:

            0b51d7ea-f8df-44e5-8ae1-b2f6447c3903-image.png

            I can access https://192.168.1.24/ from my internal network with an cert-warning but still working

            V 1 Reply Last reply Reply Quote 0
            • V Offline
              viragomann @tomasenskede
              last edited by

              @tomasenskede
              So maybe there is a mistake in your frontend configuration. Can you post its settings, please?

              T 1 Reply Last reply Reply Quote 0
              • T Offline
                tomasenskede @viragomann
                last edited by

                @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

                @tomasenskede
                So maybe there is a mistake in your frontend configuration. Can you post its settings, please?

                Access Control lists
                90553a2e-e805-4c91-9b5b-a9405a7e5e01-image.png

                Actions
                1c2e0dcb-4a27-45bf-a6c3-982144f7f4a6-image.png

                Backend
                67f62517-0b0e-4af1-b359-449114040782-image.png

                d2dceccb-74d5-405d-a004-b6bc518769f0-image.png

                V 1 Reply Last reply Reply Quote 0
                • V Offline
                  viragomann @tomasenskede
                  last edited by

                  @tomasenskede
                  These view snips are sadly not really helpful to get closer to the issue.

                  T 1 Reply Last reply Reply Quote 0
                  • T Offline
                    tomasenskede @viragomann
                    last edited by

                    @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

                    hese view snips are sadly not really helpful to get closer to the issue.

                    hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!

                    T 1 Reply Last reply Reply Quote 0
                    • T Offline
                      tomasenskede @tomasenskede
                      last edited by

                      @tomasenskede said in You're speaking plain HTTP to an SSL-enabled server port:

                      @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

                      hese view snips are sadly not really helpful to get closer to the issue.

                      hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!

                      Got it WORKING... reboot of pfSense resolved the issue...

                      1 Reply Last reply Reply Quote 0
                      • M Offline
                        melnyk
                        last edited by

                        Wow. I have to state that I had the same problem (the "Encrypt(SSL)" option was totally ignored), but everything works after reboot.

                        T W 2 Replies Last reply Reply Quote 0
                        • T Offline
                          teague-o-Bitties @melnyk
                          last edited by

                          @melnyk I know wright. I absolutely spent 2 hours with the HA config before I found this thread. wtf. Thanks @tomasenskede ... 100%, a reboot on pfsense worked.

                          1 Reply Last reply Reply Quote 0
                          • W Offline
                            waylonwesley @melnyk
                            last edited by

                            @melnyk sprunki 2
                            It's great to hear that a simple reboot resolved your issue! If you encounter similar problems in the future, these steps may help you troubleshoot effectively.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.