Argo Tunnel origin ssl

#1

Hello,

I’m wondering if anyone has dealt with this kind of situation before using argo tunnel and cloudflare load balancer.

Here is the setup

Cloudflare -> Argo tunnel -> nginx load balancer . - > app server

I understand that this is probably not best practice as I believe the intended use of argo is to have cloudflared running directly on the app server. The reason we are using nginx is so we have the control and visibility in front of the app servers.

The issue I’m having is directly related to using SSL with this kind of setup. I get this error when trying to start cloudflared

ERRO[0000] unable to connect to the origin error="...:443 doesn’t seem to work over https, but does seem to work over http. Consider changing the origin URL to http://...:443"

I took out the real ip for obvious reasons.

When I configure nginx to not use SSL and change the url to port 80 things work just fine.

Does cloudflared not support using SSL internally like this?

Thanks!

0 Likes

#2

Do you have a valid SSL certificate of some kind on the nginx load balancer?

0 Likes

#3

yes,

I have tried using a valid cert from a CA, self signed cert, as well as a cloudflare origin cert but they all yield the same results. I’m able to hit the endpoint via SSL just fine internally.

I’m wondering if cloudflared doesn’t support using ssl internally like that?

0 Likes