Getting many 502 errors after enabling SSL between router and MP.

Not applicable

After enabling SSL between router and MP our clients are intermittently getting 502 with the below Error message:

Error details: System.Net.WebException: The remote server returned an
error: (502) Bad Gateway.

I can see a lot of 502 Errors in nginx logs as well but I am unable to reproduce the issue at my end.

One observation is at the time nginx log has 502, at the same time MP logs have below error message:

2017-08-29 02:05:58,138 NIOThread@1 ERROR HTTP.SERVER - HTTPServer.onAccept() : Context creation failed Remote side closed connection 2017-08-29 02:05:58,139 NIOThread@1 ERROR HTTP.SERVER - HTTPServer.onAccept() : Context creation failed Remote side closed connection 2017-08-29 02:05:58,140 NIOThread@3 ERROR HTTP.SERVER - HTTPServer.onAccept() : Context creation failed Remote side closed connection 2017-08-29 02:05:58,140 NIOThread@0 ERROR HTTP.SERVER - HTTPServer.onAccept() : Context creation failed Remote side closed connectio

Has anyone encountered this issue? If yes, please provide any update as how to resolve it.

1 4 1,318
4 REPLIES 4

Hi, I'm sorry that you are seeing these errors. The router (nginx) is connecting to the MP over TLS. In this case, the MP is the server, and the nginx is the client. The log messages in the MP log file indicate that the MP is detecting that the client - nginx - did not correctly negotiate the connection.

To diagnose the situation, I would want to raise diagnostic levels on the nginx process so that you can collect further information. Have you tried this? Here's a hint on how to configure logging on nginx.

@Vishal can you please try @Dino's recommendation?

@Dino, The issue persists even after we tried changing the below property and even after upgrading to the latest version of nginx

conf_load_balancing_load.balancing.driver.nginx.server.retry=error timeout invalid_header http_599

@Dino

i tried enabling dubug logging and below is the log i could find:

Router Logs

2017/09/20 04:00:24 [error] 20208#20208: *561753 upstream timed out (110: Connection timed out) while SSL handshaking to upstream, client: 172.20.96.4, server: api-stg. morningstar.com, request: "OPTIONS /sal-service/v1/stock/operatingPerformance/v1/XXXXXX?locale=en-US HTTP/1.1", upstream: "https://172.20.65.15:8998/sal-service/v1/ stock/operatingPerformance/v1/XXXXXXXX?locale=en-US", host: "api-stg.morningstar.com", referrer: "https://developer-stg.morningstar.com/components/morningstar-report- stocks"

MP Logs

2017-09-20 04:00:25,228 NIOThread@1 ERROR HTTP.SERVER - HTTPServer.onAccept() : Context creation failed Remote side closed connection

This was fixed after the below CWC changes were made -

conf_load_balancing_load.balancing.driver.nginx.server.retry=error timeout invalid_header http_599
conf_load_balancing_load.balancing.driver.proxy.read.timeout=300
conf_load_balancing_load.balancing.driver.connect.timeout=10s