Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    You're speaking plain HTTP to an SSL-enabled server port

    Scheduled Pinned Locked Moved Cache/Proxy
    13 Posts 5 Posters 3.2k Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      tomasenskede
      last edited by tomasenskede

      I'm experiencing difficulty accessing my new Nextcloud/Proxmox sites through HAProxy/pfSense. However, my old Nextcloud/Docker setup functions properly via the same HAProxy/pfSense configuration.

      591cb420-a23c-4837-80f5-9beca91bb1b2-image.png

      4badd1ba-f320-4e9b-8ebb-5feb9e024b7f-image.png

      4f7f7866-c1ac-458b-8ea3-affdeece0d18-image.png
      Same error... whats wrong?

      V 1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann @tomasenskede
        last edited by

        @tomasenskede
        Not clear, why you have set up two backends, one to port 80 and one with 443.
        However, if the backend server is accessed on port 443, it would expect an SSL-request using HTTPS.
        To enable it in the HAproxy backend, check "Encrypt(SSL)".

        T 1 Reply Last reply Reply Quote 0
        • T Offline
          tomasenskede @viragomann
          last edited by tomasenskede

          @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

          @tomasenskede
          Not clear, why you have set up two backends, one to port 80 and one with 443.
          However, if the backend server is accessed on port 443, it would expect an SSL-request using HTTPS.
          To enable it in the HAproxy backend, check "Encrypt(SSL)".

          I don’t have two backends, I just tested with two different setting, port 80 and 443 with same result… but not at the same time.

          V 1 Reply Last reply Reply Quote 0
          • V Offline
            viragomann @tomasenskede
            last edited by

            @tomasenskede
            Is the backend even accessible via http on port 80, or does it redirect any access to https?

            As mentioned above, when using port 443 you need to access it via https, so "Encrypt(SSL)" must be checked, and the server has to provide an SSL certificate.

            T 1 Reply Last reply Reply Quote 0
            • T Offline
              tomasenskede @viragomann
              last edited by

              @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

              @tomasenskede
              Is the backend even accessible via http on port 80, or does it redirect any access to https?

              As mentioned above, when using port 443 you need to access it via https, so "Encrypt(SSL)" must be checked, and the server has to provide an SSL certificate.

              d71a0d69-444e-4b60-a501-8e645c742e6d-image.png

              then I get this:

              0b51d7ea-f8df-44e5-8ae1-b2f6447c3903-image.png

              I can access https://192.168.1.24/ from my internal network with an cert-warning but still working

              V 1 Reply Last reply Reply Quote 0
              • V Offline
                viragomann @tomasenskede
                last edited by

                @tomasenskede
                So maybe there is a mistake in your frontend configuration. Can you post its settings, please?

                T 1 Reply Last reply Reply Quote 0
                • T Offline
                  tomasenskede @viragomann
                  last edited by

                  @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

                  @tomasenskede
                  So maybe there is a mistake in your frontend configuration. Can you post its settings, please?

                  Access Control lists
                  90553a2e-e805-4c91-9b5b-a9405a7e5e01-image.png

                  Actions
                  1c2e0dcb-4a27-45bf-a6c3-982144f7f4a6-image.png

                  Backend
                  67f62517-0b0e-4af1-b359-449114040782-image.png

                  d2dceccb-74d5-405d-a004-b6bc518769f0-image.png

                  V 1 Reply Last reply Reply Quote 0
                  • V Offline
                    viragomann @tomasenskede
                    last edited by

                    @tomasenskede
                    These view snips are sadly not really helpful to get closer to the issue.

                    T 1 Reply Last reply Reply Quote 0
                    • T Offline
                      tomasenskede @viragomann
                      last edited by

                      @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

                      hese view snips are sadly not really helpful to get closer to the issue.

                      hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!

                      T 1 Reply Last reply Reply Quote 0
                      • T Offline
                        tomasenskede @tomasenskede
                        last edited by

                        @tomasenskede said in You're speaking plain HTTP to an SSL-enabled server port:

                        @viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

                        hese view snips are sadly not really helpful to get closer to the issue.

                        hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!

                        Got it WORKING... reboot of pfSense resolved the issue...

                        1 Reply Last reply Reply Quote 0
                        • M Offline
                          melnyk
                          last edited by

                          Wow. I have to state that I had the same problem (the "Encrypt(SSL)" option was totally ignored), but everything works after reboot.

                          T W 2 Replies Last reply Reply Quote 0
                          • T Offline
                            teague-o-Bitties @melnyk
                            last edited by

                            @melnyk I know wright. I absolutely spent 2 hours with the HA config before I found this thread. wtf. Thanks @tomasenskede ... 100%, a reboot on pfsense worked.

                            1 Reply Last reply Reply Quote 0
                            • W Offline
                              waylonwesley @melnyk
                              last edited by

                              @melnyk sprunki 2
                              It's great to hear that a simple reboot resolved your issue! If you encounter similar problems in the future, these steps may help you troubleshoot effectively.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.