Updated my Pi-hole's from Buster to Bullseye and can't access through Nginx

Expected Behaviour:

2 Pihole's running on Raspi4B

Local dns
--> local dns set in hosts
SSL config (placed in conf-enabled) + certificates:

#Loading openssl
server.modules += ( "mod_openssl" )

setenv.add-environment = ("fqdn" => "true")
$SERVER["socket"] == ":443" {
	ssl.engine  = "enable"
	ssl.pemfile = "etc/lighttpd/ssl/combined.pem"
	ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1.3", "Options" => "-ServerPreference")

# Redirect HTTP to HTTPS
$HTTP["scheme"] == "http" {
    $HTTP["host"] =~ ".*" {
        url.redirect = (".*" => "https://%0$0")

Through Nginx proxy manager
Same config Pi-Hole
Nginx set: https://pi-hole.mydomain.be --> https://ipoffpihole:443

On Buster all working fine.

Also did clean install on a VM with same result...

Actual Behaviour:

On Bullseye:

Locals dns: working as before
Through Nginx Proxy manager: "502 Bad Gateway"

If I remove my SSL certificate from Pihole and set to proxy https://pi-hole.mydomain.be --> https://ipoffpihole:80 it's also working but then I don't have my local https anymore

What could be changed?

Debug Token:


Nginx Log:
2023/01/24 08:49:01 [error] 517#517: *1266 connect() failed (111: Connection refused) while connecting to upstream, client: "my ip adress", server: pi-hole-master.mydomain, request: "GET /admin/ HTTP/2.0", upstream: "", host: "pi-hole-master.mydomain.be"

Nginx Log (when ssl config is removed from PiHole and nginx is set to connect to http):
24/Jan/2023:08:49:01 +0100] - 502 502 - GET https pi-hole-master.mydomain.be "/admin/" [Client "my ip adress"] [Length 154] [Gzip -] [Sent-to] "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "-"

Solved the problem.
My nginx didn't support TLS 1.3, so when setting minimum tot TLS 1.2 all was working again.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.