Description
If we reverse proxy to an internal server that is serving content explicitly and only over TLSv1.3, then you will get a 502 Bad Gateway error.
I did some digging and the issue is clearly happening in the server block of the proxy. You can find the discussions here https://forum.nginx.org/read.php?11,294147 and here https://unix.stackexchange.com/questions/706074/nginx-reverse-proxy-fails-with-tlsv1-3-on-backend-servers
So this is easily fixable by adding proxy_ssl_protocols TLSv1.3; to the Custom Nginx Configuration block in the Advanced tab of the proxy host in question.
Having to manually edit each host is not ideal though; this should maybe be improved in a future release as TLSv1.3 is more widely used.
Maybe adding a toggle switch saying something like TLSv1.3 only destination on the details or SSL tabs to enable this setting?
Nginx Proxy Manager Version
v2.9.18