Proxy issue and cipher_mismatch

What is the name of the domain?

hetz.biz

What is the error number?

none

What is the error message?

cipher mismatch in Proxy mode

What is the issue you’re encountering

Trying to use Proxy mode - and I get Cipher mismatch

What steps have you taken to resolve the issue?

After an issue where all the /etc/nginx directory have been damaged, I reinstalled everything (naturally, the backup was … unavailable)
Since my domain does have some 3rd and 4th level names (real example: cons.new.hetz.biz) - I see that the SSL is not covered on this case, so I generated the certificates from scratch using Lets-Encrypt
Long story short - in the 4th level names, I set to “DNS Only” - everything works. However - when trying to switch to “Proxy” mode, I get the famous “Cipher Mismatch” (Chrome, Firefox, curl with a different message)
Things I’ve done trying to mitigate: Disabled/Enabled Universal SSL, Switch SSL to Full or Flexible (on this domain it’s on Full)

What are the steps to reproduce the issue?

regenerate nginx.conf, virtualhosts and certificates after stupid mistake

The Proxy only works with one layer of subdomains the apex name. e.g. example.com and www.example.com, but not yet.another.example.com. If you want to proxy a subdomain at the depth or beyond, you need to add Advanced Certificate Manager to the domain.

This topic was automatically closed after 15 days. New replies are no longer allowed.