Hi List

I inherited the following setup:

nginx reverse caching proxy load balancing to two real servers. I am
trying to get SSL working.

Here is my config:

++++++++++++++++++++++++++++++++++++++++++++
upstream ssl-apache_cluster {
server 10.0.0.3:443;
server 10.0.0.6:443;
fair;
}

server {
listen 196.37.50.51:443;
client_max_body_size 5M;
client_body_buffer_size 128k;
server_name######################;
access_log /var/log/nginx/##########.access.log;

ssl on;
ssl_certificate /etc/nginx/ssl/#########.crt;
ssl_certificate_key /etc/nginx/ssl/domain.key;
ssl_session_cache shared:SSL:10m;


location / {
access_log off;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://ssl-apache_cluster;
}
location ~*
\.(jpg|jpeg|peg|PEG|gif|png|bmp|flv|pdf|ps|doc|mp3|wmv|wma|wav|swf|JPG|BMP|GIF|PNG|JPEG|ogg|mpg|mpeg|mpg4|zip|bz2|rar|xls|docx|avi|djvu|mp4|rtf|ico)$
{
root /var/www/jmredev;
expires 60;
slowfs_cache fastcache;
slowfs_cache_key $uri;
slowfs_cache_valid 7d;
access_log off;
}

location ~* \.(css|js)$ {
root /var/www/jmredev;
expires 60;
slowfs_cache fastcache;
slowfs_cache_key $uri;
slowfs_cache_valid 5m;
access_log off;
}


location ~* \.(mjs|mcss)$ {
set $domain www.j########; # Change this to your site's
domain name
set $root_fcgi /var/www/fastcache/; # Change this to the public root
folder of your site
set $root_cache /var/cache/nginx/minified; # Change this to a
folder in which to cache the minified files
set $min_dir /usr/local/nginx/minify/min; # Change this folder
to wherever you put the Minify files

include fastcgi_params;
fastcgi_param SITE_ROOT $root_fcgi;
fastcgi_param SCRIPT_FILENAME $min_dir/minifier.php;
fastcgi_param PATH_INFO minifier.php;
fastcgi_param SERVER_NAME $domain;
fastcgi_param CACHE_DIR $root_cache;

root $root_cache;

expires max;

gzip_static on; # You will need to have installed Nginx using the
--with-http_gzip_static_module flag for this to work
gzip_http_version 1.1;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;

# If there is not already a cached copy, create one
if (!-f $request_filename) {
root $root_fcgi;
fastcgi_pass 127.0.0.1:9000;
}
}


location ^~ /blog/sites/default/files/ {
proxy_redirect off;

access_log off;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass https://ssl-apache_cluster;
}


}


===========================================================================

When I try and start NGINX I get the following error:

reloading nginx configuration: nginx: [emerg] unknown directive "ssl" in
/etc/nginx/sites-enabled/j#########l_ssl:21

And this error in the browser:

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)


I am running Ubuntu server 10.04.2 LTS and NGINX 10.0.3


Many thanks

Lawrence
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx