I have Googled and looked at various sample SSL configurations and it seems like I've got things set up right, but there are two problems I can't seem to fix:
1. When I load https://dev.mysite.com, the lock that should appear in the upper right corner of the browser window does not appear.
2. The Java application behind the scenes uses httpUtil.GetRequestURL() to get the current request and it is getting http://dev.mysite.com instead of https://dev.mysite.com.
I have tried setting the Host header to $host instead of $http_host, and I've tried setting proxy_redirect to set the URL to https://dev.mysite.com, but neither had any effect. Setting Host to https://dev.mysite.com fixes the browser lock problem but appears to make the proxy_pass redirect stop happening, as I get a nice secure blank page.
My SSL server config is below. Can someone please tell me what I've done wrong?
server {
listen 443 default ssl;
server_name dev.mysite.com;
access_log /var/log/nginx/dev_mysite_access.log;
error_log /var/log/nginx/dev_mysite_error.log;
ssl_certificate /export/nginx/certs/mysite.com.crt;
ssl_certificate_key /export/nginx/certs/mysite.com.key;
location / {
# give site more time to respond
proxy_read_timeout 120;
# needed to forward user's IP address
proxy_set_header X-Real-IP $remote_addr;
# needed for HTTPS
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_pass http://localhost:8081;
}
}