Hi, @pinchas. I’m showing the resource that request was proxied to didn’t respond with a valid HTTP response and therefore the proxied request returned a 500 response.
The error for the proxied resource was:
Error occurred while handling proxied request" error="[500] Failed to make proxied request: local error: tls: no renegotiation
I’ve also tested the resource directly using the same URL and HTTP verb which was GET (not PUT or DELETE). The result is the same type of error and there is no valid HTTP response:
$ curl -sv https://<REDACTED DOMAIN NAME>/api/user/authenticate
* Trying <REDACTED IP ADDRESS>...
* TCP_NODELAY set
* Connected to <REDACTED DOMAIN NAME> (<REDACTED IP ADDRESS>) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=*.<REDACTED APEX DOMAIN NAME>
* start date: Feb 27 00:00:00 2020 GMT
* expire date: Feb 27 23:59:59 2022 GMT
* subjectAltName: host "<REDACTED DOMAIN NAME>" matched cert's "*.<REDACTED APEX DOMAIN NAME>"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fec6d80f600)
> GET /api/user/authenticate HTTP/2
> Host: <REDACTED DOMAIN NAME>
> User-Agent: curl/7.64.1
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
* HTTP/2 stream 0 was not closed cleanly: HTTP_1_1_REQUIRED (err 13)
* Forcing HTTP/1.1 for NTLMstopped the pause stream!
* Connection #0 to host <REDACTED DOMAIN NAME> left intact
* Closing connection 0
This is the root cause of the 500 response for the proxied URL. If there are other questions or concerns, please let us know.