Installed with Nginx reverse proxy HTTPS, problems with web sockets

I’m having some trouble with Pydio Cells Home Edition, v4.0.7. I set it up on a Debian VM on my FreeBSD host. I have a 2nd VM setup with Nginx for a HTTPS reverse proxy with Let’s Encrypt. I set up Nginx as per Configure Cells with a reverse-proxy | Pydio documentation.

Everything else seems to work fine, but I’m getting connection errors, and when I check Developer Tools, it’s giving me HTTP 502 Bad Gateway.

I’m seeing this error in Nginx error log:
2023/03/30 21:10:17 [error] 42077#42077: *249 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream, client:, server:, request: "GET /ws/event HTTP/1.1", upstream: "", host: ""

Nginx configuration:

    location / {
        grpc_pass grpcs://;

    location /ws/ {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;

    return 404; # managed by Certbot

facepalm Figured out the error, I was trying to proxy to HTTPS, not HTTP which the Cells server is running as. Fixed that nginx config, and works fine now.

On the flipside of you want to proxy an https connection you can turn off proxy ssl verify in that location block. That way self signed https applications can be proxied.

Hm, that’s a neat idea as well, if I have a service that’s doing it’s own SSL/TLS cert.

Yes I did, if you look up at my reply to the posting, you’ll see the green checkmark Solution tag.

This topic was automatically closed 11 days after the last reply. New replies are no longer allowed.