I got this issue when I trying to use an exteran URL via HAproxy to an NextCloud/Turnkey/Proxmox instance.

Bad Request

Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

My config at HAProxy are;

image946×83 9.25 KB

My config.php
has:
‘trusted_proxies’ =>
array (
0 => ‘192.168.1.1’,
),

192.168.1.1 ← is the HAproxy
I can access the NextCloud via local Ip on 443 with cert-warning

Try ticking the “Encrypt (SSL)” box. Afaik it should be set to “yes” if the backend server has SSL enabled.

I have tested

80, no, no
443, no, no
443, yes, no

Bad Request

Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

but I am trying to access “https://”…

If I change to port 80 I got the same.

I am able to access the nextcloud-servern without issue… via 80 I will be redirected to 443 with an cert-warning.

http://192.168.1.24/ redirects to https://192.168.1.24/ but working

Before we go any further, I have to say that I’m not a HAProxy expert, but I do use it on pfSense to provide SSL for some local services. However I’m not using it for Nextcloud.

Also, in case we can’t solve your issue here, and since your question is somewhat specific to the pfSense implementation of HAProxy, you might also want to ask your question in the Netgate forums: Cache/Proxy | Netgate Forum

That aside, what does the HAProxy frontend configuration look like? Is SSL offloading checked and have you provided a proper SSL certificate?