Opnsense 24.7.2 broke nginx server

Started by fforstik, August 27, 2024, 01:16:24 PM

Hello

I have updated from 24.7 -> 24.7.2 and since then I have an issue with nginx and being able to access the server behind it..

It shows this message when I hit nginx (plugin on OPNsense):

Server Error
Sorry, but something went wrong on our side.

There is nothing you can do except waiting until we fix the issue.
Web Application Protection by OPNsense

Suggestion: Make use of the logs for diagnostics. Crystal balls are being serviced.

I see only in the debug log: NGINX setup routine started.

Nothing else..

only in
    - log-HTTPS access: status code 502
    - log-HTTP Error: SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client:

You really need to post the entire log entry, redacted for privacy if needed BUT preserving the required information, i.e., protocol, hostnames, IPs and ports and requests. You cannot wipe the part that's after the client: since it nukes most of the useful info and there's literally zero information about your configuration otherwise.

As a quick guess, you are trying to do HTTPS where none is supported by the backend server (wrong port or whatever).

August 27, 2024, 02:15:54 PM #5 Last Edit: August 27, 2024, 02:17:39 PM by fforstik
It was all working fine as I was able to access the server just before the update to 24.7.2. No other changes.

I'm using the ACME plugin for the SSL cert (Let's Encrypt).

In the nginx plugin, in Logs - HTTP error:
2024/08/28   00:06:47   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

2024/08/28   00:06:47   error   82877#100122   *5 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET / HTTP/1.1", upstream: "https://<Internal server IP>:11000/", host: "<Nextcloud Domain name website>"

2024/08/28   00:06:47   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

2024/08/28   00:06:44   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

2024/08/28   00:06:44   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

Don't know if 24.7.1 or 24.7.2 broke it, as I moved from version 24.7.0, but I see that in version 24.7.1 there were some os-acme-client updates and in version 24.7.2 more system updates and cleanup as well..

Just wondering if other people have the same or a similar issue, based on what I see in the forum about other issues like CPU, sensors etc.. with the new 24.7.x upgrade..
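
Added example, not part of any post in this thread: OpenSSL reports "wrong version number" when the first bytes it receives are not a TLS record, so the entries above can be checked by reading the upstream nginx used from the log line and testing whether that listener answers a TLS handshake or plain HTTP. The function names, the sample line and its addresses are constructed for illustration.

```python
import re
import socket
import ssl

# Constructed sample in the format of the entries above; the addresses and the
# hostname are documentation placeholders, not values from the thread.
SAMPLE = ('2024/08/28 00:06:47 error 82877#100122 *5 SSL_do_handshake() failed '
          '(SSL: error:0A00010B:SSL routines::wrong version number) while SSL '
          'handshaking to upstream, client: 203.0.113.7, server: cloud.example.org, '
          'request: "GET / HTTP/1.1", upstream: "https://192.0.2.10:11000/", '
          'host: "cloud.example.org"')
UPSTREAM_RE = re.compile(r'upstream: "(https?)://(\[[^\]]+\]|[^/:"]+):(\d+)')

def parse_upstream(line):
    """Return (scheme, host, port) that nginx used for the upstream, or None."""
    m = UPSTREAM_RE.search(line)
    return (m.group(1), m.group(2).strip("[]"), int(m.group(3))) if m else None

def classify(sock):
    """Attempt a TLS handshake on a connected socket and name what answered."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # protocol check only, identity is not verified
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock):
            return "tls"
    except ssl.SSLError as exc:
        # OpenSSL reports WRONG_VERSION_NUMBER when the first bytes received
        # are not a TLS record, e.g. a plain "HTTP/1.1 400 Bad Request".
        return "plaintext" if exc.reason == "WRONG_VERSION_NUMBER" else "handshake-failed"
    except OSError:
        return "no-answer"           # timeout or reset during the handshake

def probe(host, port, timeout=3.0):
    """Connect to host:port and classify the listener."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"
    with sock:
        return classify(sock)

def diagnose(line):
    """Probe the upstream named in one error-log line; flag https-to-plaintext."""
    up = parse_upstream(line)
    if up is None:
        return None
    answer = probe(up[1], up[2])
    return {"upstream": up, "answer": answer,
            "scheme_mismatch": up[0] == "https" and answer == "plaintext"}
```

Run `diagnose()` on a log line from the firewall itself so the probe takes the same network path as nginx; a `scheme_mismatch` of `True` means the upstream is configured as https while the listener speaks plain HTTP.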

September 03, 2024, 09:57:52 PM #7 Last Edit: September 04, 2024, 07:53:22 AM by fforstik
So after multiple tries and searches I have found this forum thread, which is very similar to my issue.
https://forum.opnsense.org/index.php?topic=19305.30
  - Basically it says that after deleting logs it "messes" with the configuration, which could have happened when I updated from 24.7 to 24.7.2.


Anyway, because I have had a clean OPNsense install from late 2022 and always did upgrades, I tried doing a clean install and reconfiguring nginx (without any backup import) and it was the same thing. Same issue.

September 04, 2024, 02:09:00 AM #8 Last Edit: September 04, 2024, 02:12:18 AM by Grossartig
I'm still on 24_7 with working nginx. Sounds like I should wait to upgrade until this issue is resolved and understood.

September 04, 2024, 04:31:49 AM #9 Last Edit: September 04, 2024, 06:27:20 AM by fforstik
Well, probably stay, as I see lots of issues raised by other people..

For my situation there could be:
    A) my HW is not supported (I'm using an N6005 CPU and i226 2.5GbE ethernet)
    B) the new update cleaned some of the files and logs and messed with the config, as I have always done the upgrade from the GUI since late 2022 (so almost 2 years without a clean install)

Because I tried a clean install and it didn't work, I suspect that it might be a combination of the two.. It will be interesting to see if other people experience the same or a similar issue with the Nginx plugin and WAF with a fresh clean install and not just an upgrade, to see if it's just my device or a global issue..  ;)