ProxyPass to a HTTPS URL or Proxy Requests Via RewriteRule to a HTTPS URL Fail with HTTP 502 on Windows Environments (Doc ID 1198264.1)

Last updated on FEBRUARY 16, 2017

Applies to:

Oracle HTTP Server - Version 10.1.2.3.0 to 10.1.3.5.0 [Release AS10gR2 to AS10gR3]
Microsoft Windows (32-bit)
Checked for relevance on 03-Jan-2014

Symptoms

In an HTTP Server of an  Application Server 10.1.2.3.0 environment on Windows 2003, using a RewriteRule or ProxyPass to proxy requests to the WebCache/OHS HTTPS port fails with a NZ 29024 error and the request is not possible.

This is an example of the configuration which can fail:

RewriteRule ^/myapplication/$ https://myremotehost:port/app1[L,P]


or

ProxyPass /myapplication https://myremotehost:port/app1
ProxyPassReverse /myapplication https://myremotehost:port/app1



This is an excerpt from the <ORACLE_HOME>\Apache\Apache\logs\error_log file:

[Wed Jan 13 10:45:08 2010] [error] mod_ossl: SSL call to NZ function nzos_Handshake failed with error 29024
[Wed Jan 13 10:45:08 2010] [error] mod_ossl: Invalid X509 certificate chain [Hint: the client probably doesn't provide a valid client certificate]
[Wed Jan 13 10:45:08 2010] [error] mod_ossl: SSL proxy connect failed!



If the RewriteRule is not proxied (i.e. the RewriteRule has not the [P] flag) and has the redirect [R] flag is used instead the request is proxied fine.

The problem can be reproduced on Application Server 10.1.2 and 10.1.3 but just on Microsoft Windows platforms.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms