Fix for 0x80072f0c error (502.3 – Bad Gateway) for reverse proxy to SSL with IIS
I’ve spent most of a week struggling with this error. I set up IIS to reverse proxy to a backend server using the URL Rewrite module and the Application Request Routing (ARR) module. The first problem I encountered was that when using the “Reverse Proxy” wizard/template under URL Rewrite, it kept blowing up, giving me an error 500. The solution for this was to first go to “Server Variables” and add “HTTP_ACCEPT_ENCODING” as an allowed server variable. Next, I had to go into the configuration and set HTTP_ACCEPT_ENCODING to be passed to the destination server with an EMTPY value. You can’t do this direction from the configuration screen, because that demands a value. You can do it in web.config (or anywhere in the configuration chain). I did it by going to the “configuration editor” in IIS Manager to edit the value raw with no validation.
The next problem was much trickier. The reverse proxy template was able to handle carrying over SSL just fine to the backend server, but when I tried to access those links, it would blow up, giving me an error 502.3. Turning on detailed error reporting showed me an error code of 0x80072f0c and the text “HTTP Error 502.3 – Bad Gateway”. Full details showed more confusion under “possible causes”:
The CGI application did not return a valid set of HTTP errors.
A server acting as a proxy or gateway was unable to process the request due to an error in a parent gateway.
This made no sense to me at all. After hours of work on this issue, I finally found the problem. The virtual directory on the destination server (the one BEHIND the proxy) had been set to “Accept” client SSL certificates; this needs to be set to “Ignore”. While the site itself was set to “Ignore”, the virtual directory had been created with “Accept”, causing the problems.
J.Ja