When navigating to the reverse proxied web application, it shows 502 Bad Gateway.
In the Awingu log files ( nginx.service.log ), a similar message is shown:
2023-07-06 14:42:08.005401+00:00 awingutest nginx.service[<unknown>:30164]: awingutest nginx: 2023/07/06 14:42:08 [error] 30164#30164: *7716 upstream SSL certificate verify error: (18:self signed certificate) while SSL handshaking to upstream, client: 18.104.22.168, server: some.example.org, request: "GET /favicon.ico HTTP/1.1", upstream: "https://192.168.0.21:443/favicon.ico", host: "some.example.org:9999", referrer: "https://some.example.org:9999/www"
If the log files contain the message above, it means that the reverse proxied web application is not trusted because it doesn't have trusted SSL certificate.
Else, the 502 Bad Gateway message has a different cause and the solution below will not help.
- Navigate to System Settings > Global > Domains and select the Awingu domain in which the reverse proxied web application was published.
- Scroll to the bottom and find Allow untrusted servers. For the Reverse Proxied Web Applications setting, make sure it's set to Allow untrusted.
It's also possible to import the necessary certificates, although this is a bit more complex as it involves creating or updating the trusted certificates file.
Consult the admin manual for instructions on preparing the trusted certificate authorities file.
This can be uploaded either in:
- System Settings > Global > Connectivity > Trusted Certificate Authorities.
If uploaded here, it will work for all reverse proxied web applications in each Awingu domain.
- System Settings > Global > Domains: select the domain. Then, upload the file under Trusted Certificate Authorities.