Using docker, I am trying to setup a local reverse proxy where :
This is for the purpose of caching expensive requests to openai.
I am using the following configuration :
events {
worker_connections 10;
}
http {
proxy_cache_path /server_cache levels=1:2 keys_zone=my_cache:10m max_size=1g inactive=60m use_temp_path=off;
server {
listen 80;
location /v1/chat/completions {
proxy_pass https://api.openai.com;
proxy_cache my_cache;
proxy_cache_methods POST;
proxy_cache_key "$request_method$request_uri$request_body";
proxy_cache_valid 200 60m;
proxy_cache_valid 404 1m;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
proxy_cache_background_update on;
proxy_cache_lock on;
proxy_set_header Host $host;
}
location / {
proxy_pass https://api.openai.com;
proxy_set_header Host $host;
}
}
}
However I get this error from the nginx logs whenever it's processing a request :
[error] 24#24: *1 SSL_do_handshake() failed (SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream
I've read I need to add some proxy_ssl_* directives and include some private keys...
But why on earth do I have to do this when the server I'm setting up is http, NOT https ? And I never need to specify any kind of cert (not to mention privates, that won't make sense) when connecting directly to the upstream https server.
Any solution ? Is it an nginx flaw ?
Some people mention adding
proxy_ssl_server_name on;
In your location block. Did you try this?
Else, if you want to proxy http to https, I've heard people usually suggest haproxy instead.