Welcome! Log In Create A New Profile

Advanced

Reverse proxy SSL subdomain

July 08, 2014 10:45AM
Hi,

We have heterogeneous applications e and need centralizing requests on Nginx.

I´m trying use reverse proxy on a subdomain and redirect requests to Java Glassfish. The problem occurs by default on listening subdomains. For example:

server {
listen 80;
server_name subdomainA.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/appA/public;

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

location ~ ^/(assets)/ {
root /var/www/rails_apps/appA/public;
gzip_static on;
expires 30d;
add_header Cache-Control public;
}
}

server {
listen 80;
server_name domain.com.br www.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/domain/public;

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

location ~ ^/(assets)/ {
root /var/www/rails_apps/domain/public;
gzip_static on;
expires 30d;
add_header Cache-Control public;
}
}

Works fine! When access htttp://subdomainA.domain.com.br access app => /var/www/rails_apps/appA/public and http://www.domain.com.br access app => /var/www/rails_apps/domain/public.

But, if i'll trying use config bellow:

server {
### server port and name ###
listen 80;
listen 443 ssl;
ssl on;
server_name sudomainB.domain.com.br;

### SSL log files ###
access_log logs/ssl-access.log;
error_log logs/ssl-error.log;

### SSL cert files ###
ssl_certificate /opt/nginx/ssl/sudomainB.domain.com.br.crt;
ssl_certificate_key /opt/nginx/ssl/sudomainB.domain.com.br.key;

### Add SSL specific settings here ###

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

### We want full access to SSL via backend ###
location / {
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

### Set headers ####
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

### Most PHP, Python, Rails, Java App can use this header ###
#proxy_set_header X-Forwarded-Proto https;
#This is better##
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;

### By default we don't want to redirect it ####
proxy_redirect off;

proxy_pass http://GLASSFISH_IP;
}
}

When access https://sudomainB.domain.com.br i´m get an Timeout Connection. But, if i'm trying access https://domain.com.br, works fine and i redirected to glassfissh root app.

Why HTTPS://subdomainB.domain.com.br doesn't work?
Subject Author Posted

Reverse proxy SSL subdomain

picanha July 08, 2014 10:45AM

Re: Reverse proxy SSL subdomain

Maxim Dounin July 08, 2014 10:56AM

Re: Reverse proxy SSL subdomain

picanha July 08, 2014 11:40AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 94
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready