https://bz.apache.org/bugzilla/show_bug.cgi?id=62293
Bug ID: 62293 Summary: [Windows] Can't connect backend http server without ssl from reverse proxy server with ssl enabled. Product: Apache httpd-2 Version: 2.4.33 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: mod_proxy_http Assignee: bugs@httpd.apache.org Reporter: y512y...@gmail.com Target Milestone: --- Problems: Can't connect backend source http server without ssl from reverse proxy server with ssl enabled. When it occurs: Always (Connect reverse proxy from client) Error messages (Client side): Gateway Timeout The gateway did not receive a timely response from the upstream server or application. Error logs (Server side): [Thu Apr 12 22:57:01.642278 2018] [proxy:error] [pid 2748:tid 1180] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. : [client 10.254.0.55:9221] AH01084: pass request body failed to 10.254.0.15:80 (sv05.example.com) [Thu Apr 12 22:57:01.642278 2018] [proxy_http:error] [pid 2748:tid 1180] [client 10.254.0.55:9221] AH01097: pass request body failed to 10.254.0.15:80 (sv05.example.com) from 10.254.0.55 () Solution in my environments: Revert changes in "mod_proxy_http.c" function "proxy_http_handler" to version 2.4.29. Then, run perfectly. @@ -1948,8 +1948,8 @@ static int proxy_http_handler(request_rec *r, proxy_worker *worker, /* Step Three: Create conn_rec */ if (!backend->connection) { - if ((status = ap_proxy_connection_create_ex(proxy_function, - backend, r)) != OK) + if ((status = ap_proxy_connection_create(proxy_function, backend, + c, r->server)) != OK) My environments: Windows 7 x86 on Hyper-V Windows Server 2016 x64 on Hyper-V Configurations (Reverse proxy): # If change "SSLEngine" to "off" and access reverse proxy server via non-ssl http, will connect successful. # But this is not solution. I lost access from TLS clients. <VirtualHost *:443> ServerAdmin netw...@example.com DocumentRoot "/Test/" ServerName ssl.example.com ProxyRequests Off ProxyPreserveHost On ProxyPass / http://sv05.example.com/ ProxyPassReverse / http://sv05.example.com/ SSLEngine on SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2 SSLHonorCipherOrder off SSLCipherSuite +NULL:EDH:RSA:!DH:ADH:DSS:HIGH:!EXP:!Low:!SHA1:!MD5:!RC4:!DES:!IDEA:!CAMELLIA:!SEED:!SSLv2:!SSLv3 SSLCertificateFile conf/SSL/Site.cer SSLCertificateKeyFile conf/SSL/Site.key SSLCACertificateFile conf/SSL/CA.cer </VirtualHost> -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org