Bug ID: 62293
           Summary: [Windows] Can't connect backend http server without
                    ssl from reverse proxy server with ssl enabled.
           Product: Apache httpd-2
           Version: 2.4.33
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_proxy_http
  Target Milestone: ---

        Can't connect backend source http server without ssl from reverse proxy
server with ssl enabled.

When it occurs:
        Always (Connect reverse proxy from client)

Error messages (Client side):
        Gateway Timeout
        The gateway did not receive a timely response from the upstream server
or application.

Error logs (Server side):
        [Thu Apr 12 22:57:01.642278 2018] [proxy:error] [pid 2748:tid 1180] (OS
10060)A connection attempt failed because the connected party did not properly
respond after a period of time, or established connection failed because
connected host has failed to respond.  : [client] AH01084:
pass request body failed to (
        [Thu Apr 12 22:57:01.642278 2018] [proxy_http:error] [pid 2748:tid
1180] [client] AH01097: pass request body failed to ( from ()

Solution in my environments:
        Revert changes in "mod_proxy_http.c" function "proxy_http_handler" to
version 2.4.29.
        Then, run perfectly.

        @@ -1948,8 +1948,8 @@ static int proxy_http_handler(request_rec *r,
proxy_worker *worker,

                 /* Step Three: Create conn_rec */
                 if (!backend->connection) {
        -            if ((status =
        -                                                        backend, r))
!= OK)
        +            if ((status = ap_proxy_connection_create(proxy_function,
        +                                                     c, r->server)) !=

My environments:
        Windows 7 x86 on Hyper-V
        Windows Server 2016 x64 on Hyper-V

Configurations (Reverse proxy):
        # If change "SSLEngine" to "off" and access reverse proxy server via
non-ssl http, will connect successful.
        # But this is not solution. I lost access from TLS clients.

        <VirtualHost *:443>
                DocumentRoot "/Test/"


                ProxyRequests Off
                ProxyPreserveHost On
                ProxyPass /
                ProxyPassReverse /

                SSLEngine on
                SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
                SSLHonorCipherOrder off

                SSLCertificateFile conf/SSL/Site.cer
                SSLCertificateKeyFile conf/SSL/Site.key
                SSLCACertificateFile conf/SSL/CA.cer

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to