Welcome! Log In Create A New Profile

Advanced

Re: OWIN Server Error

Peter Booth via nginx
January 21, 2019 12:06PM
Petrosetta,

Question is your nginx server running on the same host as your owin / IIS server?
With OWIN / IIS listening only on port 80 and nginx only on port 443?
And both listening on the physical NIC (not localhost) and no firewall?

It looks as though you are wanting to do SSL termination and HTTP/2 with nginx
and proxy everything to OWIN/IIS - is that correct?

If it were me, I’d try to bisect the problem:

1. first repeat the test request (ideally with curl ) as an HTTP 1.1 request
2. If that didn’t work, configure a second VirtualHost in nginx on port 8080 that has no SSL and request that with curl

Also, your config suggests that your web server might be internet visible.
If It is, I would suggest that you try access these test URLs, and also directly
accessing your IIS using the redbot.org HTTP validator.

Good luck,

Peter

> On 21 Jan 2019, at 9:23 AM, petrosetta <nginx-forum@forum.nginx.org> wrote:
>
> Morning all
> I don;t know if anyone has ever had this problem bit I am attempting to put
> an OWIN Server running on a Windows 2012 Server with IIS. Whenever we try to
> log on going through the NGINX server, I get "Invalid login attempt. Verify
> that your username and password are correct." I am sure the username and
> password are correct. When I look in NGINX logs, I am seeing GET
> /WebAccess/fonts/glyphicons-halflings-regular.woff2 HTTP/2.0" 404 1245
> https://mywebsite/Content/css?v=looooong string.
>
> My settings for this server in NGINX is the following:
>
> listen 443 ssl http2;
> server_tokens off;
> more_clear_headers Server;
> server_name devmachine.mydomain.com;
> ssl on;
> ssl_certificate ssl/devmachine/certificate.crt;
> ssl_certificate_key ssl/devmachine/private-key.pem;
> ssl_dhparam ssl/dhparams.pem;
> ssl_ecdh_curve secp384r1;
> ssl_stapling on;
> ssl_stapling_verify on;
> ssl_trusted_certificate ssl/devmachine/certificate-trusted.crt;
> resolver 8.8.8.8 8.8.4.4 valid=300s;
> resolver_timeout 10s;
> ssl_protocols TLSv1.3 TLSv1.2;
> ssl_prefer_server_ciphers on;
> ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
> ssl_session_cache shared:SSL:1m;
> ssl_session_timeout 1h;
> ssl_session_tickets off;
> add_header Strict-Transport-Security
> "max-age=31536000;includeSubDomains" always;
> access_log /var/log/nginx/access.log main;
> log_not_found on;
>
> location / {
> proxy_pass https://devserver;
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Proto $scheme;
> add_header X-Frame-Options SAMEORIGIN;
> add_header X-Content-Type-Options nosniff;
> add_header X-XSS-Protection "1; mode=block";
> proxy_ignore_client_abort on;
> proxy_buffering off;
> proxy_read_timeout 3600s;
> proxy_send_timeout 3600s;
> if ($limit_bots = 1) {
> return 403;
> }
> }
>
> Has anyone been able to get NGINX working with OWIN?
>
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,282762,282762#msg-282762
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

OWIN Server Error

petrosetta January 21, 2019 09:23AM

Re: OWIN Server Error

Peter Booth via nginx January 21, 2019 12:06PM

Re: OWIN Server Error

petrosetta January 21, 2019 01:21PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 122
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready