Problems with SLL(origin server) when using another port, or using proxy reverse
I had working ssl certificate (Origin server)
Then i changed output port on my router(443 - 444) and did the same with domain record.
Now i have "Invalid SSL certificate Error code 526"
Do i need to change port of webpage in cloudflare panel?
And second problem, is why proxy reverse with apache2 makes the same problem?
11 Replies
If you change the port then you would need to use a port rewrite origin rule as Cloudflare does not support port 444.
thanks!
What with proxy reverse?
It makes problem with handshake of ssl (i was trying it with port 443 so everything should works fine)
proxy reverse server have no SSl certificates
target server have all conf
With the reverse proxy the origin server cert should be installed on the proxy, not on the proxied app
is there another solution to keep ssl certs on proxied app instead of installing it on proxy server?
I only wanna change the direction of the target server(local ip) depending on domain name
Not that i know of
I remember hearing you can use CF as a reverse proxy, but i don't think that would work for custom ports
I would have the reverse proxy handle the certs. It's all in one place (easy to manage) and there are apps that manage the certs automatically (even easier to manage)
I don't need custom ports
Then you can use workers iirc as a reverse proxy
Using something like proxy reverse solves the problem
Yes it does, but only if the endpoints all use 80 or 443
If the app is running on any other port, then you cannot use CF as a rp. That's how i understand it
Thanks!
Do you know a better way to connect domains on the same ports but on another VMs?
Nope. I almost always use a reverse proxy. Mine's in a docker container so i can proxy docker containers