How can I fix 502 Bad Gateway with my reverse proxy setup for SSL termination?

[IsabellaEB]

I’ve been trying to set up a reverse proxy for my home lab server to handle SSL termination, but I keep running into 502 Bad Gateway errors after the initial setup seems to work. My backend is a simple web app on a different port, and the proxy host config looks right, but something in the handoff is failing.

[Nathan_J]

One time I fixed this by changing the upstream to localhost:8080 instead of the container IP. The app was listening on 127.0.0.1 only, so the proxy kept getting connection refused. Binding it to 0.0.0.0 or pointing the proxy at the right interface cleared the 502.

[Penelope.H]

I used to think TLS offloading was the culprit, but in my case it was headers. After I added X-Forwarded-Proto and correct Host headers, the gateway stopped balking at the backend. Then I rebooted and it came back, so not a clean win.

[AdamYW]

Are you sure the backend is reachable from the proxy host at the port you configured?

[Joseph.M]

I kept chasing SSL ciphers at 2am and forgot the firewall rules. A simple TCP block on the backend side was the real blocker. Once I opened the port, the 502 vanished for a while.