Web Server with HTTPS encryption showing different responses from both internal and external network

Question

We have a new SSL certificate installed in Sophos for a website we are hosting. When I configure the web server with an HTTP encryption, there is no issue. But when I change it to HTTPS encryption, these are the issues we are having: 
 From internal network, it shows: 
 Proxy Error 
 The proxy server could not handle the request 
 Reason: Error during SSL Handshake with remote server 
 
 From external network, it shows: 
 This site can&rsquo;t provide a secure connection 
 domain.com sent an invalid response. ERR_SSL_PROTOCOL_ERROR 
 
 What are we missing out something to make this work properly?

Prism · Accepted Answer

Does the downstream Web Server (IP_DMZ_CSI-SVR03) also supports HTTPS? 
 Looking by the error given by WAF, the downstream Web Server is only available through plain-text HTTP. 
 I recommend you to change from HTTPS to HTTP on the Web Server configuration. (Maintaining the same port 8080.) 
 Jason Roble said: When I configure the web server with an HTTP encryption, there is no issue. But when I change it to HTTPS encryption, these are the issues we are having: 
 It's because the downstream Web Server (IP_DMZ_CSI-SVR03) doesn't support HTTPS. 
 You should leave the WAF to handle the encryption with the client and send the traffic to downstream though plain-text HTTP. (There's no need for the WAF to encrypt all traffic again with downstream, unless you don't trust your own internal network.)

Web Server with HTTPS encryption showing different responses from both internal and external network

Proxy Error

Top Replies