Error during SSL Handshake with remote server


#1

Proxy Error

The proxy server could not handle the request GET / .

Reason: Error during SSL Handshake with remote server

  1. my discourse is building on a VM (172.16.1.162)

  2. my domain and main apache server is on the another VM (172.16.1.194)

I create a sub domain (forums.botio.com) for discourse, and after I set up ssl info and rebuild app.yml
it shows the error code like the top.

My apache setting for proxy on main apache server(172.16.1.194) is :

SuexecUserGroup "#1005" "#1005"
ServerName forums.botio.com
ServerAlias www.forums.botio.com
ServerAlias webmail.forums.botio.com
ServerAlias admin.forums.botio.com
DocumentRoot /home/botio.com/domains/forums.botio.com/public_html
ErrorLog /var/log/virtualmin/forums.botio.com_error_log
CustomLog /var/log/virtualmin/forums.botio.com_access_log combined
ScriptAlias /cgi-bin/ /home/botio.com/domains/forums.botio.com/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/botio.com/domains/forums.botio.com/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
AddType application/x-httpd-php .php
AddHandler fcgid-script .php
AddHandler fcgid-script .php7.0
FCGIWrapper /home/botio.com/domains/forums.botio.com/fcgi-bin/php7.0.fcgi .php
FCGIWrapper /home/botio.com/domains/forums.botio.com/fcgi-bin/php7.0.fcgi .php7.0
</Directory>
<Directory /home/botio.com/domains/forums.botio.com/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.forums.botio.com
RewriteRule ^(.*) https://forums.botio.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.forums.botio.com
RewriteRule ^(.*) https://forums.botio.com:10000/ [R]
RemoveHandler .php
RemoveHandler .php7.0
FcgidMaxRequestLen 1073741824
Alias /dav /home/botio.com/domains/forums.botio.com/public_html
<Location /dav>
DAV on
AuthType Basic
AuthName "forums.botio.com"
AuthUserFile /home/botio.com/domains/forums.botio.com/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php7.0
RewriteEngine off
</Location>
ProxyPass / https://172.16.1.162/
ProxyPassReverse / https://172.16.1.162/
SSLProxyEngine on

<Proxy *>
allow from all
</Proxy>
SSLEngine on
SSLCertificateFile /home/botio.com/domains/forums.botio.com/ssl.cert
SSLCertificateKeyFile /home/botio.com/domains/forums.botio.com/ssl.key
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCACertificateFile /home/botio.com/domains/forums.botio.com/ssl.ca

and the file app.yml :

    templates:
      - "templates/postgres.template.yml"
      - "templates/redis.template.yml"
      - "templates/web.template.yml"
      - "templates/web.ratelimited.template.yml"
      - "templates/web.ssl.template.yml"
      
    ## which TCP/IP ports should this container expose?
    ## If you want Discourse to share a port with another webserver like Apache or nginx,
    ## see https://meta.discourse.org/t/17247 for details

expose:
  - "80:80"   # http
  - "2222:22"
  - "443:443" # https

params:
  db_default_text_search_config: "pg_catalog.english"
db_shared_buffers: "256MB"
env:
  LANG: en_US.UTF-8
  
  UNICORN_WORKERS: 4

  DISCOURSE_HOSTNAME: forums.botio.com

  DISCOURSE_DEVELOPER_EMAILS: 'support@botio.com'

  DISCOURSE_SMTP_ADDRESS: botio.com
  DISCOURSE_SMTP_PORT: 587
  DISCOURSE_SMTP_USER_NAME: support.botio.com
  DISCOURSE_SMTP_PASSWORD: 
  #DISCOURSE_SMTP_ENABLE_START_TLS: true           # (optional, default true)

pls let me know how could I fix it if u have any idea, thank you.