Reverse Proxy with multiple SSL servers
Posted by Dob2806
|
Reverse Proxy with multiple SSL servers April 06, 2013 04:48PM |
Registered: 11 years ago Posts: 2 |
Hi everybody,
I'm stuck in a problem and can get it away...
I'm in a Virtual environment :
1 reverse proxy using nginx (firewall's port 80 and 443 are redirect to him)
1 wordpress server using nginx (192.168.1.10)
1 webmail server using Zimbra (https) (192.168.1.15)
1 z-push server using Z-push (http cause i can't configure 2 reverse proxy in https) (192.168.1.16)
1 Cloud server using Owncloud (http cause i can't configure 3 reverse proxy in https) (192.168.1.17)
if i'm configuring only wordpress and Zimbra it's work like a charm.
But when i try to configure another webserver in SSL it stuck !!
this is my serverblock for each server
server {
listen 80;
server_name wordpress.mydomain.fr;
access_log /var/log/nginx/blog-access.log;
error_log /var/log/nginx/blog-error.log;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_types text/css text/plain text/xml application/xml application/javascript application/x-javascript text/javascript application/json text/x-json;
# Some version of IE 6 don't handle compression well on some mime-types,
# so just disable for them
gzip_disable "MSIE [1-6]\.";
# Set a vary header so downstream proxies don't send cached gzipped
# content to IE6
gzip_vary on;
location / {
proxy_pass http://192.168.1.10/;
}
}
server {
listen 443;
server_name zimbra.mydomain.fr;
keepalive_timeout 70;
access_log /var/log/nginx/zimbra-access.log;
error_log /var/log/nginx/zimbra-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zimbra.crt;
ssl_certificate_key /etc/nginx/ssl/zimbra.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.15;
}
}
but when i try to configure other SSL server it won't work.
i've try this :
server {
listen 443;
server_name zpush.mydomain.fr;
keepalive_timeout 70;
access_log /var/log/nginx/zpush-access.log;
error_log /var/log/nginx/zpush-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zpush.crt;
ssl_certificate_key /etc/nginx/ssl/zpush.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.16;
}
}
and try to change also this in each serverblock :
server {
listen 192.168.1.15 443;
server_name zimbra.mydomain.fr;
server {
listen 192.168.1.16 443;
server_name zpush.mydomain.fr;
even for owncloud but i've got a Bad Gateway error 502 does anybody have an idea ?
Thanks in advance.
Dob.
I'm stuck in a problem and can get it away...
I'm in a Virtual environment :
1 reverse proxy using nginx (firewall's port 80 and 443 are redirect to him)
1 wordpress server using nginx (192.168.1.10)
1 webmail server using Zimbra (https) (192.168.1.15)
1 z-push server using Z-push (http cause i can't configure 2 reverse proxy in https) (192.168.1.16)
1 Cloud server using Owncloud (http cause i can't configure 3 reverse proxy in https) (192.168.1.17)
if i'm configuring only wordpress and Zimbra it's work like a charm.
But when i try to configure another webserver in SSL it stuck !!
this is my serverblock for each server
server {
listen 80;
server_name wordpress.mydomain.fr;
access_log /var/log/nginx/blog-access.log;
error_log /var/log/nginx/blog-error.log;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_types text/css text/plain text/xml application/xml application/javascript application/x-javascript text/javascript application/json text/x-json;
# Some version of IE 6 don't handle compression well on some mime-types,
# so just disable for them
gzip_disable "MSIE [1-6]\.";
# Set a vary header so downstream proxies don't send cached gzipped
# content to IE6
gzip_vary on;
location / {
proxy_pass http://192.168.1.10/;
}
}
server {
listen 443;
server_name zimbra.mydomain.fr;
keepalive_timeout 70;
access_log /var/log/nginx/zimbra-access.log;
error_log /var/log/nginx/zimbra-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zimbra.crt;
ssl_certificate_key /etc/nginx/ssl/zimbra.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.15;
}
}
but when i try to configure other SSL server it won't work.
i've try this :
server {
listen 443;
server_name zpush.mydomain.fr;
keepalive_timeout 70;
access_log /var/log/nginx/zpush-access.log;
error_log /var/log/nginx/zpush-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zpush.crt;
ssl_certificate_key /etc/nginx/ssl/zpush.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.16;
}
}
and try to change also this in each serverblock :
server {
listen 192.168.1.15 443;
server_name zimbra.mydomain.fr;
server {
listen 192.168.1.16 443;
server_name zpush.mydomain.fr;
even for owncloud but i've got a Bad Gateway error 502 does anybody have an idea ?
Thanks in advance.
Dob.
|
Re: Reverse Proxy with multiple SSL servers April 06, 2013 05:33PM |
Registered: 11 years ago Posts: 2 |
Well... i've type again my severblock file and it's look like it's work now (i don't really understand it's about 10 times i did it ???)
for information and help other peoples, these are my serverblock files :
------ WORDPRESS ------
server {
listen 80;
server_name wordpress.mydomain.fr;
access_log /var/log/nginx/wordpress-access.log;
error_log /var/log/nginx/wordpress-error.log;
location / {
proxy_pass http://192.168.1.10;
}
}
------ ZIMBRA ------
server {
listen 443;
server_name zimbra.mydomain.fr;
access_log /var/log/nginx/zimbra-access.log;
error_log /var/log/nginx/zimbra-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zimbra.crt;
ssl_certificate_key /etc/nginx/ssl/zimbra.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.15;
}
}
------ ZPUSH ------
server {
listen 443;
server_name zpush.mydomain.fr;
access_log /var/log/nginx/push-access.log;
error_log /var/log/nginx/push-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zpush.crt;
ssl_certificate_key /etc/nginx/ssl/zpush.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.16;
}
}
------ OWNCLOUD ------
server {
listen 443;
server_name cloud.mydomain.fr;
access_log /var/log/nginx/cloud-access.log;
error_log /var/log/nginx/cloud-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/cloud.crt;
ssl_certificate_key /etc/nginx/ssl/cloud.key;
ssl_session_cache shared:SSL:10m;
location / {
proxy_pass https://192.168.1.17;
}
}
for information and help other peoples, these are my serverblock files :
------ WORDPRESS ------
server {
listen 80;
server_name wordpress.mydomain.fr;
access_log /var/log/nginx/wordpress-access.log;
error_log /var/log/nginx/wordpress-error.log;
location / {
proxy_pass http://192.168.1.10;
}
}
------ ZIMBRA ------
server {
listen 443;
server_name zimbra.mydomain.fr;
access_log /var/log/nginx/zimbra-access.log;
error_log /var/log/nginx/zimbra-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zimbra.crt;
ssl_certificate_key /etc/nginx/ssl/zimbra.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.15;
}
}
------ ZPUSH ------
server {
listen 443;
server_name zpush.mydomain.fr;
access_log /var/log/nginx/push-access.log;
error_log /var/log/nginx/push-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/zpush.crt;
ssl_certificate_key /etc/nginx/ssl/zpush.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.16;
}
}
------ OWNCLOUD ------
server {
listen 443;
server_name cloud.mydomain.fr;
access_log /var/log/nginx/cloud-access.log;
error_log /var/log/nginx/cloud-error.log;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate /etc/nginx/ssl/cloud.crt;
ssl_certificate_key /etc/nginx/ssl/cloud.key;
ssl_session_cache shared:SSL:10m;
location / {
proxy_pass https://192.168.1.17;
}
}
Sorry, only registered users may post in this forum.
Online Users
Guests:
81
Record Number of Users:
8
on April 13, 2023
Record Number of Guests:
421
on December 02, 2018
This forum is powered by Phorum.
 |
 |
 |
 |
|