« Previous Next »

• 10-15-2009, 12:29 PM

  golfguy0082 Joined on 10-14-2009, 5:33 PM Posts 2

  URL Rewrite to Apache Server - 502.3 Error Reply Contact  Hello, I've been struggling with this for weeks now.  I'm a newcomer to the forums here, but I'd be much obliged if someone could help.  I have a Windows 2008 R2 server that receives all port 80 and 443 requests that come through my router.  From there I want to use ARR/URL Rewrite as a reverse proxy.  It works marvelously when I'm routing to other IIS servers.  However, on one server I run SVN (using Apache), and whenever I try to route to that server I get a 502.3 error.  web address:  https://<domainname>/svn <rule name="svn" stopProcessing="true">                     <match url="svn*" />                     <conditions logicalGrouping="MatchAll" />                     <action type="Rewrite" url="https://figtreesvn/{R:0}" /> </rule>  The other thing to note is if I try to access https://figtreesvn/svn from the local network it works just fine.  Any help would be greatly appreciated.

• 10-16-2009, 6:55 PM

  In reply to

  anilr Joined on 05-23-2006, 10:13 PM Redmond, WA Posts 2,343	Re: URL Rewrite to Apache Server - 502.3 Error Reply Contact Can you use the instructions at http://blogs.msdn.com/jpsanders/archive/2009/08/24/using-netsh-to-analyze-wininet-problems-in-windows-7.aspx to create a trace for the failed SSL request.  You can e-mail me the etl file at anil (dot) ruia (at) microsoft (dot) com. Anil Ruia Senior Software Design Engineer IIS Core Server

• 11-07-2009, 3:27 AM

  In reply to

  anilr Joined on 05-23-2006, 10:13 PM Redmond, WA Posts 2,343	Re: URL Rewrite to Apache Server - 502.3 Error Reply Contact This turned out to be because of using a self-signed certificate which was untrusted on the ARR machine. Anil Ruia Senior Software Design Engineer IIS Core Server

• 11-12-2009, 11:22 PM

  In reply to

  golfguy0082 Joined on 10-14-2009, 5:33 PM Posts 2

  Re: URL Rewrite to Apache Server - 502.3 Error Reply Contact  Thanks Anil!  I forgot to post your response. "If you look at the "NetEvent ActivityID 32" in the etl file in netmon - you can see that after the server does initial handshake with the apache server, the server certificate from the apache server is untrusted - it then tries to get some more certificate information from http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab but it does not find the certificate CA in there also, so the SSL handshake fails with CERT_E_UNTRUSTEDROOT. You need to add the CA for the server certificate on the apache server to the "Trusted Root Certificate Authorities" on the ARR machine."