My Oracle Support Banner

ProxyPass to a HTTPS URL or Proxy Requests Via RewriteRule to a HTTPS URL Fail with HTTP 502 on Windows Environments (Doc ID 1198264.1)

Last updated on MARCH 19, 2021

Applies to:

Oracle HTTP Server - Version 10.1.2.3.0 to 10.1.3.5.0 [Release AS10gR2 to AS10gR3]
Microsoft Windows (32-bit)

Symptoms

In an HTTP Server of an  Application Server 10.1.2.3.0 environment on Windows 2003, using a RewriteRule or ProxyPass to proxy requests to the WebCache/OHS HTTPS port fails with a NZ 29024 error and the request is not possible.

This is an example of the configuration which can fail:

RewriteRule ^/myapplication/$ https://<HOSTNAME>:<PORT>/myapp1[L,P]


or

ProxyPass /myapplication https://<HOSTNAME>:<PORT>/myapp1
ProxyPassReverse /myapplication https://<HOSTNAME>:<PORT>/myapp1



This is an excerpt from the <ORACLE_HOME>\Apache\Apache\logs\error_log file:

[Wed Jan 13 10:45:08 2010] [error] mod_ossl: SSL call to NZ function nzos_Handshake failed with error 29024
[Wed Jan 13 10:45:08 2010] [error] mod_ossl: Invalid X509 certificate chain [Hint: the client probably doesn't provide a valid client certificate]
[Wed Jan 13 10:45:08 2010] [error] mod_ossl: SSL proxy connect failed!



If the RewriteRule is not proxied (i.e. the RewriteRule has not the [P] flag) and has the redirect [R] flag is used instead the request is proxied fine.

The problem can be reproduced on Application Server 10.1.2 and 10.1.3 but just on Microsoft Windows platforms.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.