Passbolt Behind Nginx Reverse Proxy

Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Probably a newb question here and this might not be specific to Passbolt, but I’ve had Passbolt running just fine behind Squid on pfSense for over a year. I just changed over and put Passbolt behind Nginx Reverse Proxy (different server than Passbolt server) and for the life of me can’t figure out what I’m missing.

Locally, everything works great. The problem is specific to the reverse proxy coming from the public side. Other web services are being served up using the same reverse proxy, and these work without issue.

  1. I can navigate to my public url and the passbolt login appears (with SSL) to enter my email address.
  2. I enter my email address, submit, there is a long delay (not normal), and I receive the recovery email and link.
  3. I go through recovery, submit my private key, and I receive the following error: An internal error occurred. The server response could not be parsed. Please contact your administrator.
  4. I then get the confirmation email that my account has been recovered (it hasn’t), and it returns the message "User Agent: " "User IP: " both blank.
  5. Rinse and repeat.

Nginx Reverse Proxy Server Block Below. I have tried multiple iterations of the block with no luck.

Is there a Passbolt/Nginx wiz that can help out?

server {

    listen 80 default_server;

    server_name _;

    return 301 https://$host$request_uri;
}

server {
        listen 443 ssl http2;

        server_name *.passbolt.mydomain.com passbolt.mydomain.com;

        ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
        ssl_certificate_key /etc/ssl/private/key-decrypted.key;

        location / {
               proxy_pass https://172.16.0.24;
       }
}

– Ubuntu 22.04.1
– nginx/1.18.0
– mysql 8.0.30
– php 8.1.2
– Passbolt 3.7.0

 ____                  __          ____
/ __ \____  _____ ____/ /_  ____  / / /_

/ // / __ `/ / / __ / __ / / _/
/ / // ( |
) /
/ / /
/ / / /
/
/ _
,
/
//./_//__/

Open source password manager for teams

Healthcheck shell

Environment

[PASS] PHP version 8.1.2.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt.mydomain.com
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate

Database

[PASS] The application is able to connect to the database
[PASS] 26 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.

Application configuration

[PASS] Using latest passbolt version (3.7.0).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.

JWT Authentication

[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found

Hi @pattonjo :wave: and welcome to passbolt community forum :handshake:

Can you check logs on your both nginx servers (in /var/log/nginx)? The server response could not be parsed is usually an error nginx side and the error message will help.

Best,

Passbolt Nginx Error Log

2022/08/03 23:44:25 [info] 12404#12404: *64 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /auth/verify.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:48:32 [info] 12404#12404: *80 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /auth/login.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:48:37 [info] 12404#12404: *84 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /auth/verify.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:51:54 [info] 12404#12404: *109 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “PUT /mobile/transfers/2cffa969-6ffc-426d-9bd9-c8165c01910f/41152f25-be21-406f-b6ff-fc8d5bdc4712.json HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:51:55 [info] 12404#12404: *113 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “PUT /mobile/transfers/2cffa969-6ffc-426d-9bd9-c8165c01910f/41152f25-be21-406f-b6ff-fc8d5bdc4712.json HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:51:55 [info] 12404#12404: *117 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “PUT /mobile/transfers/2cffa969-6ffc-426d-9bd9-c8165c01910f/41152f25-be21-406f-b6ff-fc8d5bdc4712.json HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:51:56 [info] 12404#12404: *121 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “PUT /mobile/transfers/2cffa969-6ffc-426d-9bd9-c8165c01910f/41152f25-be21-406f-b6ff-fc8d5bdc4712.json HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:51:57 [info] 12404#12404: *125 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “PUT /mobile/transfers/2cffa969-6ffc-426d-9bd9-c8165c01910f/41152f25-be21-406f-b6ff-fc8d5bdc4712.json?contain%5Buser.profile%5D=1 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/03 23:55:25 [info] 12404#12404: *132 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /users/recover.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”, referrer: “https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK
2022/08/03 23:57:01 [crit] 12404#12404: *136 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/03 23:58:51 [crit] 12404#12404: *135 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 00:02:31 [crit] 12404#12404: *143 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 00:02:31 [crit] 12404#12404: *144 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 00:16:28 [info] 12404#12404: *178 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /auth/verify.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/04 00:17:57 [info] 12404#12404: *182 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /setup/recover/complete/8c86a981-0313-4f5d-8cb1-8f028a9f81cd HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “172.16.0.24”
2022/08/04 01:56:46 [info] 12404#12404: *333 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /users/recover.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com”, referrer: “https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK
2022/08/04 21:53:48 [info] 12404#12404: *582 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /users/recover.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com”, referrer: “https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK
2022/08/04 22:05:38 [crit] 12404#12404: *602 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 22:05:38 [crit] 12404#12404: *601 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 22:08:00 [info] 12404#12404: *635 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /auth/verify.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com
2022/08/04 22:08:29 [info] 12404#12404: *637 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /setup/recover/complete/8c86a981-0313-4f5d-8cb1-8f028a9f81cd HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com
2022/08/04 22:30:22 [info] 12404#12404: *664 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /users/recover.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com”, referrer: “https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK
2022/08/04 22:33:08 [crit] 12404#12404: *667 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 22:33:08 [crit] 12404#12404: *666 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 23:26:18 [crit] 12404#12404: *668 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 23:26:18 [crit] 12404#12404: *669 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 23:27:59 [info] 12404#12404: *699 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /auth/verify.json?api-version=v2 HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com
2022/08/04 23:28:36 [info] 12404#12404: *701 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: “POST /setup/recover/complete/8c86a981-0313-4f5d-8cb1-8f028a9f81cd HTTP/1.0”, upstream: “fastcgi://unix:/run/php/php8.1-fpm.sock”, host: “passbolt.mydomain.com
2022/08/04 23:37:18 [crit] 12404#12404: *703 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443
2022/08/04 23:37:18 [crit] 12406#12406: *704 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 172.16.0.20, server: 0.0.0.0:443

Nginx Reverse Proxy Error Log

2022/08/04 00:16:28 [crit] 2466#2466: *71 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: passbolt.mydomain.com, request: “POST /auth/verify.json?api-version=v2 HTTP/2.0”, upstream: “https://172.16.0.24:443/auth/verify.json?api-version=v2”, host: “passbolt.mydomain.com
2022/08/04 00:17:57 [crit] 2466#2466: *71 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: passbolt.mydomain.com, request: “POST /setup/recover/complete/8c86a981-0313-4f5d-8cb1-8f028a9f81cd HTTP/2.0”, upstream: “https://172.16.0.24:443/setup/recover/complete/8c86a981-0313-4f5d-8cb1-8f028a9f81cd”, host: “passbolt.mydomain.com
2022/08/04 00:49:11 [error] 2699#2699: *1 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/1.1”, host: “passbolt.mydomain.com”, referrer: “http://passbolt.mydomain.com/
2022/08/04 00:49:52 [alert] 2700#2700: *2 open socket #8 left in connection 3
2022/08/04 00:49:52 [alert] 2700#2700: aborting
2022/08/04 00:50:16 [crit] 2720#2720: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 00:50:16 [crit] 2720#2720: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 00:50:43 [alert] 2720#2720: *3 open socket #9 left in connection 4
2022/08/04 00:50:43 [alert] 2720#2720: aborting
2022/08/04 00:54:54 [crit] 2733#2733: *11 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 152.32.234.60, server: 0.0.0.0:443
2022/08/04 01:29:49 [crit] 2733#2733: *60 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 154.6.86.133, server: 0.0.0.0:443
2022/08/04 01:29:49 [crit] 2732#2732: *61 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 154.6.86.133, server: 0.0.0.0:443
2022/08/04 01:40:59 [crit] 2733#2733: *76 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 154.6.86.133, server: 0.0.0.0:443
2022/08/04 01:40:59 [error] 2732#2732: *77 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 154.6.86.133, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “mydomain.com”, referrer: “https://mydomain.com/
2022/08/04 01:54:14 [crit] 2767#2767: *8 SSL_do_handshake() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while SSL handshaking, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:54:14 [crit] 2767#2767: *5 SSL_do_handshake() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while SSL handshaking, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:54:14 [crit] 2768#2768: *6 SSL_do_handshake() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while SSL handshaking, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:54:14 [crit] 2768#2768: *7 SSL_do_handshake() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while SSL handshaking, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:54:16 [crit] 2767#2767: *9 SSL_do_handshake() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while SSL handshaking, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:54:44 [crit] 2767#2767: *10 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:55:00 [crit] 2767#2767: *15 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:55:07 [crit] 2768#2768: *14 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:56:47 [crit] 2767#2767: *23 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: passbolt.mydomain.com, request: “POST /users/recover.json?api-version=v2 HTTP/2.0”, upstream: “https://172.16.0.24:443/users/recover.json?api-version=v2”, host: “passbolt.mydomain.com”, referrer: “https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK
2022/08/04 01:59:30 [crit] 2784#2784: 37 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 01:59:30 [crit] 2783#2783: 38 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:04:38 [crit] 2803#2803: 7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:04:38 [crit] 2803#2803: 6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:06:54 [emerg] 2815#2815: invalid server name or wildcard "
.passbolt.mydomain.com
" on 0.0.0.0:80
2022/08/04 02:06:57 [emerg] 2820#2820: invalid server name or wildcard "
.passbolt.mydomain.com
" on 0.0.0.0:80
2022/08/04 02:10:11 [crit] 2831#2831: *11 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:10:11 [crit] 2831#2831: *3 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:10:29 [error] 2831#2831: *26 open() “/usr/share/nginx/html/boaform/admin/formLogin” failed (2: No such file or directory), client: 122.194.11.101, server: mydomain.com, request: “GET /boaform/admin/formLogin?username=adminisp&psd=adminisp HTTP/1.0”
2022/08/04 02:16:37 [emerg] 2848#2848: unexpected end of file, expecting “}” in /etc/nginx/sites-enabled/reverse-proxy.conf:95
2022/08/04 02:16:39 [emerg] 2853#2853: unexpected end of file, expecting “}” in /etc/nginx/sites-enabled/reverse-proxy.conf:95
2022/08/04 02:17:14 [emerg] 2866#2866: no port in upstream “php-fpm” in /etc/nginx/sites-enabled/reverse-proxy.conf:85
2022/08/04 02:17:15 [emerg] 2871#2871: no port in upstream “php-fpm” in /etc/nginx/sites-enabled/reverse-proxy.conf:85
2022/08/04 02:19:26 [emerg] 2879#2879: unexpected “}” in /etc/nginx/sites-enabled/reverse-proxy.conf:68
2022/08/04 02:19:28 [emerg] 2882#2882: unexpected “}” in /etc/nginx/sites-enabled/reverse-proxy.conf:68
2022/08/04 02:20:17 [crit] 2894#2894: *3 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:23:43 [error] 2894#2894: *4 open() “/usr/share/nginx/html/owa/auth/logon.aspx” failed (2: No such file or directory), client: 192.241.222.197, server: mydomain.com, request: “GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1”, host: “mypublicIPAddress”
2022/08/04 02:23:51 [crit] 2894#2894: *4 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.241.222.197, server: 0.0.0.0:443
2022/08/04 02:25:59 [crit] 2914#2914: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:25:59 [crit] 2914#2914: *5 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:26:05 [crit] 2914#2914: *13 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:26:05 [crit] 2915#2915: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:26:55 [crit] 2914#2914: *39 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:26:55 [crit] 2914#2914: *40 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:27:36 [alert] 2914#2914: *35 open socket #13 left in connection 5
2022/08/04 02:27:36 [alert] 2914#2914: aborting
2022/08/04 02:27:48 [crit] 2929#2929: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:27:48 [crit] 2928#2928: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:27:52 [crit] 2929#2929: *13 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:27:52 [crit] 2929#2929: *5 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:28:16 [error] 2945#2945: *1 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/1.1”, host: “passbolt.mydomain.com”, referrer: “http://passbolt.mydomain.com/
2022/08/04 02:28:45 [crit] 2957#2957: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:28:45 [crit] 2957#2957: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/js/app/stylesheet.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/stylesheet.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/js/app/api-vendors.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-vendors.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/js/app/api-triage.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-triage.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_32.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_32.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_57.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_57.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_76.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_76.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_96.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_96.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_128.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_128.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_192.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_192.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:28:45 [error] 2957#2957: *5 open() “/usr/share/nginx/html/favicon_228.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_228.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:09 [alert] 2957#2957: *3 open socket #13 left in connection 5
2022/08/04 02:29:09 [alert] 2957#2957: aborting
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/js/app/stylesheet.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/stylesheet.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [crit] 2988#2988: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/js/app/api-vendors.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-vendors.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/js/app/api-triage.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-triage.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [crit] 2987#2987: *5 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_32.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_32.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_57.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_57.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_76.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_76.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_96.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_96.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_128.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_128.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_192.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_192.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:29:55 [error] 2987#2987: *6 open() “/usr/share/nginx/html/favicon_228.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_228.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:30:48 [crit] 2987#2987: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/js/app/stylesheet.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/stylesheet.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [crit] 3006#3006: *5 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/js/app/api-vendors.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-vendors.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [crit] 3006#3006: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/js/app/api-triage.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-triage.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_32.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_32.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_57.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_57.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_76.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_76.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_96.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_96.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_128.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_128.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_192.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_192.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:35:21 [error] 3007#3007: *6 open() “/usr/share/nginx/html/favicon_228.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_228.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:36:59 [crit] 3007#3007: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:42:47 [error] 3006#3006: *8 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/1.1”, host: “mydomain.com”, referrer: “http://mydomain.com/
2022/08/04 02:43:59 [crit] 3040#3040: *5 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:43:59 [error] 3041#3041: *6 open() “/usr/share/nginx/html/js/app/stylesheet.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/stylesheet.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:43:59 [crit] 3040#3040: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:43:59 [error] 3041#3041: *6 open() “/usr/share/nginx/html/js/app/api-vendors.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-vendors.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:43:59 [error] 3041#3041: *6 open() “/usr/share/nginx/html/js/app/api-triage.js” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /js/app/api-triage.js?v=3.7.0 HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:43:59 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:43:59 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_32.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_32.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:43:59 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_57.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_57.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:44:00 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_76.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_76.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:44:00 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_96.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_96.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:44:00 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_128.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_128.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:44:00 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_192.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_192.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:44:00 [error] 3041#3041: *6 open() “/usr/share/nginx/html/favicon_228.png” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon_228.png HTTP/2.0”, host: “passbolt.mydomain.com
2022/08/04 02:44:06 [error] 3041#3041: *8 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/1.1”, host: “mydomain.com”, referrer: “http://mydomain.com/
2022/08/04 02:44:24 [error] 3041#3041: *10 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/1.1”, host: “mypublicIPAddress”, referrer: “http://mypublicIPAddress/
2022/08/04 02:44:30 [crit] 3041#3041: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:45:09 [error] 3040#3040: *13 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/1.1”, host: “passbolt-test.mydomain.com”, referrer: “http://passbolt-test.mydomain.com/
2022/08/04 02:45:24 [error] 3041#3041: *14 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “passbolt.mydomain.com”, referrer: “https://passbolt.mydomain.com/
2022/08/04 02:46:08 [error] 3054#3054: *1 open() “/usr/share/nginx/html/favicon.ico” failed (2: No such file or directory), client: 98.243.113.57, server: mydomain.com, request: “GET /favicon.ico HTTP/2.0”, host: “mydomain.com”, referrer: “https://mydomain.com/
2022/08/04 02:46:29 [crit] 3054#3054: *16 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:46:29 [crit] 3054#3054: *3 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:46:29 [crit] 3054#3054: *1 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:47:15 [crit] 3069#3069: *6 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:47:15 [crit] 3069#3069: *7 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:47:29 [crit] 3069#3069: *5 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 02:47:29 [crit] 3069#3069: *13 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 98.243.113.57, server: 0.0.0.0:443
2022/08/04 05:29:29 [crit] 3086#3086: *115 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 65.49.20.68, server: 0.0.0.0:443
2022/08/04 05:31:13 [crit] 3086#3086: *122 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 65.49.20.68, server: 0.0.0.0:443
2022/08/04 08:15:35 [crit] 3086#3086: *146 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 08:15:37 [crit] 3086#3086: *151 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 08:15:39 [crit] 3086#3086: *156 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 08:15:41 [crit] 3086#3086: *161 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 08:15:43 [crit] 3086#3086: *166 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 08:15:45 [crit] 3086#3086: *171 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 08:15:47 [crit] 3086#3086: *176 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 137.184.118.81, server: 0.0.0.0:443
2022/08/04 09:36:12 [crit] 3086#3086: *211 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 161.35.131.255, server: 0.0.0.0:443
2022/08/04 09:36:32 [crit] 3086#3086: *213 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 161.35.131.255, server: 0.0.0.0:443
2022/08/04 09:36:32 [crit] 3086#3086: *215 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 161.35.131.255, server: 0.0.0.0:443
2022/08/04 11:36:00 [crit] 3086#3086: *222 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 162.142.125.210, server: 0.0.0.0:443
2022/08/04 13:49:05 [crit] 3086#3086: *378 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.241.206.36, server: 0.0.0.0:443
2022/08/04 13:56:56 [crit] 3086#3086: *380 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 157.55.39.54, server: 0.0.0.0:443
2022/08/04 13:57:06 [crit] 3086#3086: *382 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 157.55.39.123, server: 0.0.0.0:443
2022/08/04 13:57:14 [crit] 3086#3086: *384 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 207.46.13.176, server: 0.0.0.0:443
2022/08/04 13:57:18 [crit] 3086#3086: *386 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.167.83, server: 0.0.0.0:443
2022/08/04 13:57:23 [crit] 3086#3086: *388 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.167.30, server: 0.0.0.0:443
2022/08/04 13:57:32 [crit] 3086#3086: *390 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.167.30, server: 0.0.0.0:443
2022/08/04 13:57:41 [crit] 3086#3086: *392 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.167.30, server: 0.0.0.0:443
2022/08/04 14:13:15 [crit] 3086#3086: *394 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:15 [crit] 3086#3086: *395 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:16 [crit] 3086#3086: *396 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:17 [crit] 3086#3086: *400 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:17 [crit] 3086#3086: *402 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:17 [crit] 3086#3086: *401 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:17 [crit] 3086#3086: *408 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 14:13:17 [crit] 3086#3086: *406 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while processing HTTP/2 connection, client: 40.77.189.232, server: 0.0.0.0:443
2022/08/04 15:04:38 [crit] 3086#3086: *428 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 192.241.236.122, server: 0.0.0.0:443
2022/08/04 17:25:14 [crit] 3086#3086: *443 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 94.102.61.8, server: 0.0.0.0:443
2022/08/04 18:08:51 [crit] 3086#3086: *470 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 45.227.255.58, server: 0.0.0.0:443
2022/08/04 18:08:58 [crit] 3086#3086: *472 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 45.227.255.58, server: 0.0.0.0:443

Did you noticed this ?

Yes, I masked my real domain and public IP.

@pattonjo jc is pointing out that you have an error in the configuration. Run nginx -t to test the configuration. If there is an error it will point you to the line in the configuration file…like it does in the log file. It’s saying line 68. I’ve edited your first post’s config for clarity. If you put three backticks before and after it will offset that section as code.

It will be helpful to post your separate NGINX config files if you are needing help. Especially the one located /etc/nginx/sites-enabled/reverse-proxy.conf.

this would be /etc/nginx/sites-enabled/reverse-proxy.conf

I transposed it wrong when editing out domain names,etc, but it is passing nginx -t

server {

    listen 80 default_server;

    server_name _;

    return 301 https://$host$request_uri;
}

server {
	listen 443 ssl http2;
	server_name mydomain.com;

	ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
    ssl_certificate_key /etc/ssl/private/key-decrypted.key;

	location / {
		}
}

server {
	listen 443 ssl http2;
        server_name *.esmc.mydomain.com esmc.mydomain.com;

        ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
        ssl_certificate_key /etc/ssl/private/key-decrypted.key;

        location / {
                 proxy_pass https://172.16.0.7;
        }

}
 
server {
        listen 443 ssl http2;

        server_name *.passbolt.mydomain.com passbolt.mydomain.com;

        ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
        ssl_certificate_key /etc/ssl/private/key-decrypted.key;

        location / {
		proxy_pass https://172.16.0.24;
       }

}

Most recent Passbolt and Reverse Proxy Server Error Logs


Nginx Reverse Proxy Error Log
2022/08/06 20:22:45 [crit] 8149#8149: *3 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while keepalive, client: 34.76.96.55, server: 0.0.0.0:443
2022/08/06 20:24:06 [crit] 8277#8277: *3 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: *.passbolt.mydomain.com, request: "POST /users/recover.json?api-version=v2 HTTP/2.0", upstream: "https://172.16.0.24:443/users/recover.json?api-version=v2", host: "passbolt.mydomain.com", referrer: "https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK"
2022/08/06 20:25:39 [crit] 8277#8277: *23 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: *.passbolt.mydomain.com, request: "POST /auth/verify.json?api-version=v2 HTTP/2.0", upstream: "https://172.16.0.24:443/auth/verify.json?api-version=v2", host: "passbolt.mydomain.com"
2022/08/06 20:26:10 [crit] 8277#8277: *23 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: *.passbolt.mydomain.com, request: "POST /setup/recover/abort/69049aff-d562-4d95-a22c-7a2e1ab8d109.json?api-version=v2 HTTP/2.0", upstream: "https://172.16.0.24:443/setup/recover/abort/69049aff-d562-4d95-a22c-7a2e1ab8d109.json?api-version=v2", host: "passbolt.mydomain.com"
2022/08/06 20:31:07 [crit] 8277#8277: *74 SSL_read() failed (SSL: error:0A000126:SSL routines::unexpected eof while reading) while reading response header from upstream, client: 98.243.113.57, server: *.passbolt.mydomain.com, request: "POST /setup/complete/2d9ac55d-4a60-46bc-9765-eddc9bc30922 HTTP/2.0", upstream: "https://172.16.0.24:443/setup/complete/2d9ac55d-4a60-46bc-9765-eddc9bc30922", host: "passbolt.mydomain.com"




Passbolt Nginx Error Log
2022/08/06 20:24:06 [info] 46897#46897: *234 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: "POST /users/recover.json?api-version=v2 HTTP/1.0", upstream: "fastcgi://unix:/run/php/php8.1-fpm.sock", host: "172.16.0.24", referrer: "https://passbolt.mydomain.com/auth/login?redirect=%2F&locale=en-UK"
2022/08/06 20:25:39 [info] 46897#46897: *252 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: "POST /auth/verify.json?api-version=v2 HTTP/1.0", upstream: "fastcgi://unix:/run/php/php8.1-fpm.sock", host: "172.16.0.24"
2022/08/06 20:26:10 [info] 46897#46897: *254 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: "POST /setup/recover/abort/69049aff-d562-4d95-a22c-7a2e1ab8d109.json?api-version=v2 HTTP/1.0", upstream: "fastcgi://unix:/run/php/php8.1-fpm.sock", host: "172.16.0.24"
2022/08/06 20:31:07 [info] 46897#46897: *359 SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) while sending to client, client: 172.16.0.26, server: passbolt.mydomain.com, request: "POST /setup/complete/2d9ac55d-4a60-46bc-9765-eddc9bc30922 HTTP/1.0", upstream: "fastcgi://unix:/run/php/php8.1-fpm.sock", host: "172.16.0.24"

@yash Passbolt Help | Troubleshoot SSL has a link to check your ssl certs. The decode error suggests maybe one of the passbolt server NGINX ssl keys is not right. The error with that cert/key is probably causing the unexpected eof while reading error in the reverse proxy.

Also run nginx -t on the passbolt server to check the NGINX config there.

nginx -t passes on the passbolt server.

All links that are provided for SSL Troubleshoot pass, and the correct chain is provided. Cert does match with the key.

I did notice that my private key starts with

-----BEGIN RSA PRIVATE KEY-----

instead of

-----BEGIN PRIVATE KEY-----

I’ll start there.

It seems that NGINX/OpenSSL is also identifying the use of TLSv1.

For example, in the default Passbolt setup, this line indicates NGINX settings for ssl versions https://github.com/passbolt/passbolt_api/blob/634880afd62a792ddd22c15805b07b7f14af1d2d/debian/conf/nginx-passbolt-ssl.conf#L22

I believe the error SSL_read() failed (SSL: error:0A00041A:SSL routines::tlsv1 alert decode error:SSL alert number 50) is from OpenSSL, as a result of NGINX ssl parameters. Make sure you are setting NGINX to TLSv1.2 and TLSv1.3 in both reverse proxy and backend.

Cleaned up the TLS mismatch, but was still unable to resolve this via the Nginx Reverse Proxy http block.

Didn’t change cert key at all.

-----BEGIN RSA PRIVATE KEY----- (this is acceptable)

I did resolve the issue by pushing this through via the stream module, and just terminated SSL on the back end server.

1 Like