August 19, 2010 07:33PM
I have Googled and looked at various sample SSL configurations and it seems like I've got things set up right, but there are two problems I can't seem to fix:

1. When I load https://dev.mysite.com, the lock that should appear in the upper right corner of the browser window does not appear.
2. The Java application behind the scenes uses httpUtil.GetRequestURL() to get the current request and it is getting http://dev.mysite.com instead of https://dev.mysite.com.

I have tried setting the Host header to $host instead of $http_host, and I've tried setting proxy_redirect to set the URL to https://dev.mysite.com, but neither had any effect. Setting Host to https://dev.mysite.com fixes the browser lock problem but appears to make the proxy_pass redirect stop happening, as I get a nice secure blank page.

My SSL server config is below. Can someone please tell me what I've done wrong?

server {
listen 443 default ssl;
server_name dev.mysite.com;

access_log /var/log/nginx/dev_mysite_access.log;
error_log /var/log/nginx/dev_mysite_error.log;

ssl_certificate /export/nginx/certs/mysite.com.crt;
ssl_certificate_key /export/nginx/certs/mysite.com.key;

location / {
# give site more time to respond
proxy_read_timeout 120;

# needed to forward user's IP address
proxy_set_header X-Real-IP $remote_addr;

# needed for HTTPS
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;

proxy_pass http://localhost:8081;
}
}
Subject Author Posted

Trouble getting SSL and proxying to work correctly

janine August 19, 2010 07:33PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 186
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready