Hi,
We have heterogeneous applications e and need centralizing requests on Nginx.
I´m trying use reverse proxy on a subdomain and redirect requests to Java Glassfish. The problem occurs by default on listening subdomains. For example:
server {
listen 80;
server_name subdomainA.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/appA/public;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ ^/(assets)/ {
root /var/www/rails_apps/appA/public;
gzip_static on;
expires 30d;
add_header Cache-Control public;
}
}
server {
listen 80;
server_name domain.com.br www.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/domain/public;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ ^/(assets)/ {
root /var/www/rails_apps/domain/public;
gzip_static on;
expires 30d;
add_header Cache-Control public;
}
}
Works fine! When access htttp://subdomainA.domain.com.br access app => /var/www/rails_apps/appA/public and http://www.domain.com.br access app => /var/www/rails_apps/domain/public.
But, if i'll trying use config bellow:
server {
### server port and name ###
listen 80;
listen 443 ssl;
ssl on;
server_name sudomainB.domain.com.br;
### SSL log files ###
access_log logs/ssl-access.log;
error_log logs/ssl-error.log;
### SSL cert files ###
ssl_certificate /opt/nginx/ssl/sudomainB.domain.com.br.crt;
ssl_certificate_key /opt/nginx/ssl/sudomainB.domain.com.br.key;
### Add SSL specific settings here ###
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
### We want full access to SSL via backend ###
location / {
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
### Set headers ####
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
### Most PHP, Python, Rails, Java App can use this header ###
#proxy_set_header X-Forwarded-Proto https;
#This is better##
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
### By default we don't want to redirect it ####
proxy_redirect off;
proxy_pass http://GLASSFISH_IP;
}
}
When access https://sudomainB.domain.com.br i´m get an Timeout Connection. But, if i'm trying access https://domain.com.br, works fine and i redirected to glassfissh root app.
Why HTTPS://subdomainB.domain.com.br doesn't work?