Tagged articles

10 articles

Page 1 of 1

Mar 27, 2025 · Backend Development

Resolving 502 Bad Gateway Errors in Nginx Reverse Proxy Caused by Missing SNI Configuration

This article explains why Nginx reverse‑proxying to an HTTPS upstream can return a 502 Bad Gateway error when SNI is not sent, shows the relevant SSL handshake log, and provides a complete configuration example—including enabling proxy_ssl_server_name—to fix the issue and avoid reload‑related socket problems.

502 Bad GatewayConfigurationSNI

0 likes · 4 min read

Resolving 502 Bad Gateway Errors in Nginx Reverse Proxy Caused by Missing SNI Configuration

Alibaba Cloud Native

Dec 23, 2024 · Cloud Native

Why Do Envoy Gateways Return 404 When :authority and SNI Mismatch in HTTP/2?

In many Envoy‑based gateways, enabling HTTP/2 can cause intermittent 404 errors because the :authority header and the TLS SNI value differ, especially when using wildcard certificates and multi‑domain routing, and this article explains the root cause and multiple mitigation strategies.

421Cloud NativeEnvoy

0 likes · 14 min read

Why Do Envoy Gateways Return 404 When :authority and SNI Mismatch in HTTP/2?

Open Source Tech Hub

Mar 19, 2024 · Operations

How to Host Multiple HTTPS Sites on One Server Using Nginx SNI

This guide explains why separate ports are normally required for multiple SSL sites, how Nginx’s SNI support lets you share a single IP and port, and provides step‑by‑step compilation and configuration examples for www, live, and vod domains.

HTTPSNginxOperations

0 likes · 6 min read

How to Host Multiple HTTPS Sites on One Server Using Nginx SNI

dbaplus Community

Aug 23, 2023 · Information Security

Why APISIX TLS Handshakes Failed: Missing SNI and SSLv2 Pitfalls

During a migration from Nginx to APISIX, the team encountered TLS handshake failures caused by missing SNI fields and legacy SSLv2Hello usage, leading to a detailed investigation, protocol explanations, and configuration fixes to restore secure connections without modifying client code.

APISIXKubernetesSNI

0 likes · 11 min read

Why APISIX TLS Handshakes Failed: Missing SNI and SSLv2 Pitfalls

Liangxu Linux

Aug 13, 2023 · Information Security

How Your HTTPS Connection Can Still Leak Site Visits and What Encrypted ClientHello Does

Even though HTTPS encrypts web traffic, DNS queries, IP address sharing, traffic patterns, cookies, and especially the plaintext TLS handshake—including the SNI field—can reveal which sites you visit, but the Encrypted ClientHello extension can mitigate this leakage.

Encrypted ClientHelloHTTPSSNI

0 likes · 8 min read

How Your HTTPS Connection Can Still Leak Site Visits and What Encrypted ClientHello Does

Ops Development Stories

Jul 10, 2023 · Operations

Why Nginx Reverse Proxy Fails with HTTPS and How to Fix SSL SNI Errors

This article walks through a real‑world Nginx reverse‑proxy SSL issue, explains the root cause of 502 and handshake failures caused by missing SNI support, and provides step‑by‑step configuration changes and code snippets to resolve the problem.

NginxSNISSL

0 likes · 8 min read

Why Nginx Reverse Proxy Fails with HTTPS and How to Fix SSL SNI Errors

NetEase Smart Enterprise Tech+

Aug 24, 2021 · Information Security

How NetEase Cloud IM SDK Prevents DNS Hijacking with HttpDNS High‑Availability

This article explains the DNS hijacking threat, shares a real incident affecting NetEase Cloud IM, and details a comprehensive high‑availability architecture—including HttpDNS, laddered HTTP requests, caching strategies, and SNI handling—that protects the SDK from DNS attacks and ensures reliable service.

CacheDNS hijackingHTTPDNS

0 likes · 13 min read

How NetEase Cloud IM SDK Prevents DNS Hijacking with HttpDNS High‑Availability

Liangxu Linux

May 4, 2021 · Fundamentals

Why Can’t You Access Zhihu by IP? The Role of CDN and SNI Explained

The article explains why accessing Zhihu with its raw IP address is blocked while domain access works, covering CDN sharing, the importance of hostnames, and how the TLS SNI extension lets servers identify the intended website before establishing a connection.

CDNDNSIP address

0 likes · 5 min read

Why Can’t You Access Zhihu by IP? The Role of CDN and SNI Explained

360 Zhihui Cloud Developer

Aug 16, 2016 · Backend Development

Why Nginx HTTPS Can Fail: Hidden SNI and SSL Config Pitfalls Explained

This article uses a foot‑massage shop analogy to explain why deploying HTTPS behind a 7‑layer proxy can encounter hidden pitfalls, detailing SNI requirements, the dangers of binding multiple certificates to the same IP + port, and the need for consistent SSL settings across all Nginx virtual hosts.

ProxySNI

0 likes · 7 min read

Why Nginx HTTPS Can Fail: Hidden SNI and SSL Config Pitfalls Explained

MaGe Linux Operations

Apr 20, 2016 · Information Security

Why Your SSL Certificate Is Untrusted and How to Fix It

This guide explains the five most common reasons an SSL certificate appears untrusted—such as using a self‑signed certificate, misconfigured trust chain, missing domain coverage, expiration, or lack of SNI support—and provides practical steps to resolve each issue.

CertificateSNISSL

0 likes · 6 min read

Why Your SSL Certificate Is Untrusted and How to Fix It