I'm using Amazon CloudFront to serve content, but my users are receiving the HTTP 502 error "CloudFront wasn't able to connect to the origin." What is causing this error?

HTTP 502 errors from CloudFront can occur because of the following reasons:

  1. There's an SSL negotiation failure because the origin is using SSL/TLS protocols and ciphers that aren't supported by CloudFront.
  2. There's an SSL negotiation failure because the SSL certificate on the origin is expired or invalid, or because the certificate chain is invalid.
  3. There's a host header mismatch in the SSL negotiation between your CloudFront distribution and the custom origin.
  4. The custom origin isn't responding on the ports specified in the origin settings of the CloudFront distribution.
  5. The custom origin is ending the connection to CloudFront too quickly.

For detailed instructions on how to troubleshoot these issues, see HTTP 502 Status Code (Bad Gateway).

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2018-06-05