github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 16:15:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #2904] [Question] HTTPS-Proxy ... BAD GATEWAY message in Browser #2314

New issue
Closed
opened 2026-05-05 13:29:36 -06:00 by gitea-mirror · 6 comments
gitea-mirror commented 2026-05-05 13:29:36 -06:00
Owner
Copy link

Originally created by @ikarstein on GitHub (Apr 20, 2022).
Original GitHub issue: https://github.com/fatedier/frp/issues/2904

Describe the feature request

Hi all,

I have a question regarding the configuration of FRPS/FRPC...

"Outside" my LAN I have a Debian VM with a public IP (v4). Inside my LAN I have a Windows machine.

On the Windows machine I run an ASP.NET app on IIS with HTTPS and SNI. This is all running.

I want to access this ASP.NET app from the internet. Also via HTTPS.

I started FRPS on the Debian VM and added "vhost_https_port=443" to the frps.ini

On the Windows machine I added this to frsc.ini:

[web01]
type = https
local_ip = 127.0.0.1
local_port = 443
use_encryption = false
use_compression = true
custom_domains = myapp.example.com
proxy_protocol_version = v2

frpc starts without problems and connects to frps (on the Debian VM).

On a third machine (Windows) I added an entry to the HOSTS file for "myapp.example.com" for the public IP of the Debian machine (FRPS).

When I try to access http://myapp.example.com I see the request on the Debian machine (FRPS) but in the browser (on the third machine) I get an error "ERR_CONNECTION_CLOSED".

What do I miss here? I cannot find my mistake.

Thank you all!

Regards
Ingo

Originally created by @ikarstein on GitHub (Apr 20, 2022). Original GitHub issue: https://github.com/fatedier/frp/issues/2904 ### Describe the feature request Hi all, I have a question regarding the configuration of FRPS/FRPC... "Outside" my LAN I have a Debian VM with a public IP (v4). Inside my LAN I have a Windows machine. On the Windows machine I run an ASP.NET app on IIS with HTTPS and SNI. This is all running. I want to access this ASP.NET app from the internet. Also via HTTPS. I started FRPS on the Debian VM and added "vhost_https_port=443" to the frps.ini On the Windows machine I added this to frsc.ini: [web01] type = https local_ip = 127.0.0.1 local_port = 443 use_encryption = false use_compression = true custom_domains = myapp.example.com proxy_protocol_version = v2 frpc starts without problems and connects to frps (on the Debian VM). On a third machine (Windows) I added an entry to the HOSTS file for "myapp.example.com" for the public IP of the Debian machine (FRPS). When I try to access http://myapp.example.com I see the request on the Debian machine (FRPS) but in the browser (on the third machine) I get an error "ERR_CONNECTION_CLOSED". What do I miss here? I cannot find my mistake. Thank you all! Regards Ingo
gitea-mirror commented 2026-05-05 13:29:39 -06:00
Author
Owner
Copy link

@ikarstein commented on GitHub (Apr 20, 2022):

Now I found the plugin "https2https"

I changed the config:

[web01]
type = https
#local_ip = 127.0.0.1
#local_port = 443
use_encryption = false
use_compression = false
custom_domains = myapp.example.com
proxy_protocol_version = v2
plugin = https2https
plugin_local_addr = 127.0.0.1:443
plugin_crt_path = c:\ssl\myapp.example.com.crt
plugin_key_path = c:\ssl\myapp.example.com.key
plugin_host_header_rewrite = myapp.example.com
plugin_header_X-From-Where = frp

On the third machine I use the browser to access https://myapp.example.com.

Now I get a 502 "Bad Gateway" error.

<!-- gh-comment-id:1104208183 --> @ikarstein commented on GitHub (Apr 20, 2022): Now I found the plugin "https2https" I changed the config: [web01] type = https #local_ip = 127.0.0.1 #local_port = 443 use_encryption = false use_compression = false custom_domains = myapp.example.com proxy_protocol_version = v2 plugin = https2https plugin_local_addr = 127.0.0.1:443 plugin_crt_path = c:\ssl\myapp.example.com.crt plugin_key_path = c:\ssl\myapp.example.com.key plugin_host_header_rewrite = myapp.example.com plugin_header_X-From-Where = frp On the third machine I use the browser to access https://myapp.example.com. **Now I get a 502 "Bad Gateway" error.**
gitea-mirror commented 2026-05-05 13:29:39 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Apr 21, 2022):

Why you set proxy_protocol_version = v2?

<!-- gh-comment-id:1104634470 --> @fatedier commented on GitHub (Apr 21, 2022): Why you set `proxy_protocol_version = v2`?
gitea-mirror commented 2026-05-05 13:29:41 -06:00
Author
Owner
Copy link

@ikarstein commented on GitHub (Apr 21, 2022):

Thank you for your answer!

... because I saw it in a sample config. I already tried it without this line.

<!-- gh-comment-id:1104723139 --> @ikarstein commented on GitHub (Apr 21, 2022): Thank you for your answer! ... because I saw it in a sample config. I already tried it without this line.
gitea-mirror commented 2026-05-05 13:29:41 -06:00
Author
Owner
Copy link

@ikarstein commented on GitHub (Apr 21, 2022):

The current (and also not working) config is:

#frpc.ini
[common]
server_addr = x.x.x.x
server_port = yyyy
token=abc
log_level = trace
tls_enable = true
tls_cert_file = c:\ssl\client.crt
tls_key_file = c:\ssl\client.key

[web01]
type = https
#local_ip = 127.0.0.1
#local_port = 443
#use_encryption = false
#use_compression = false
custom_domains = myapp.example.com
#proxy_protocol_version = v2
plugin = https2https 
plugin_local_addr = 127.0.0.1:443
plugin_crt_path = c:\ssl\myapp.example.com.crt
plugin_key_path = c:\ssl\myapp.example.com.key
plugin_host_header_rewrite = myapp.example.com
plugin_header_X-From-Where = frp

As you can see I added TLS for the connection between FRPC and FRPS. The handshake seems to be okay.

On FRPC machine I get this log message:
2022/04/20 23:41:11 [D] [proxy.go:784] [XXXXXXXXXXXXXXXX] [web01] handle by plugin: https2http

Without a "s" behind the second "http" in the plugin name... Is that correct?

<!-- gh-comment-id:1104777590 --> @ikarstein commented on GitHub (Apr 21, 2022): The current (and also not working) config is: ``` #frpc.ini [common] server_addr = x.x.x.x server_port = yyyy token=abc log_level = trace tls_enable = true tls_cert_file = c:\ssl\client.crt tls_key_file = c:\ssl\client.key [web01] type = https #local_ip = 127.0.0.1 #local_port = 443 #use_encryption = false #use_compression = false custom_domains = myapp.example.com #proxy_protocol_version = v2 plugin = https2https plugin_local_addr = 127.0.0.1:443 plugin_crt_path = c:\ssl\myapp.example.com.crt plugin_key_path = c:\ssl\myapp.example.com.key plugin_host_header_rewrite = myapp.example.com plugin_header_X-From-Where = frp ``` As you can see I added TLS for the connection between FRPC and FRPS. The handshake seems to be okay. On FRPC machine I get this log message: `2022/04/20 23:41:11 [D] [proxy.go:784] [XXXXXXXXXXXXXXXX] [web01] handle by plugin: https2http` Without a "s" behind the second "http" in the plugin name... Is that correct?
gitea-mirror commented 2026-05-05 13:29:42 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Apr 21, 2022):

You can try your original configs:

[web01]
type = https
local_ip = 127.0.0.1
local_port = 443
custom_domains = myapp.example.com
<!-- gh-comment-id:1104785813 --> @fatedier commented on GitHub (Apr 21, 2022): You can try your original configs: ``` [web01] type = https local_ip = 127.0.0.1 local_port = 443 custom_domains = myapp.example.com ```
gitea-mirror commented 2026-05-05 13:29:44 -06:00
Author
Owner
Copy link

@ikarstein commented on GitHub (Apr 21, 2022):

This was my first approach.

...But now it works !!!

I am confused. I still had that first configuration at the end of my
FRPC.INI file.

THANK YOU!

<!-- gh-comment-id:1104795656 --> @ikarstein commented on GitHub (Apr 21, 2022): This was my first approach. ...But now it works !!! I am confused. I still had that first configuration at the end of my FRPC.INI file. THANK YOU!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2314
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?