<div dir="auto">1) once type nginx -V and send rhe output. <div dir="auto"><br></div><div dir="auto">2) certificate - certificate.cert</div><div dir="auto">Certificate_key - certificate.key</div><div dir="auto"><br></div><div dir="auto">Once recheck the certs section and make sure that you have generated with certificates with openssl properly. </div><div dir="auto"><br></div><div dir="auto">BR</div><div dir="auto">Harish Kumar</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu 26 Nov, 2020, 5:27 AM Pavan P, <<a href="mailto:pavan45@gmail.com">pavan45@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Harish,<div>Below is the config of my nginx. Https module is configured fine. Please let me know if I have missed anything.</div><div><br></div><div>server {<br>    server_name <a href="http://ci1.altlifelab.com" target="_blank" rel="noreferrer">ci1.altlifelab.com</a>;<br><br>    location / {<br>      proxy_set_header        Host $host:$server_port;<br>      proxy_set_header        X-Real-IP $remote_addr;<br>      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;<br>      proxy_set_header        X-Forwarded-Proto $scheme;<br><br><br>      # Fix the "It appears that your reverse proxy set up is broken" error.<br>      proxy_pass          <a href="http://127.0.0.1:9080" target="_blank" rel="noreferrer">http://127.0.0.1:9080</a>;<br>      proxy_read_timeout  90;<br><br>      proxy_redirect      <a href="http://127.0.0.1:9080" target="_blank" rel="noreferrer">http://127.0.0.1:9080</a> <a href="http://www.ci1.altlifelab.com" target="_blank" rel="noreferrer">http://www.ci1.altlifelab.com</a>;<br><br>      # Required for new HTTP-based CLI<br>      proxy_http_version 1.1;<br>      proxy_request_buffering off;<br>      # workaround for <a href="https://issues.jenkins-ci1.org/browse/JENKINS-45651" target="_blank" rel="noreferrer">https://issues.jenkins-ci1.org/browse/JENKINS-45651</a><br>      add_header 'X-SSH-Endpoint' '<a href="http://ci1.altlifelab.com:50022" target="_blank" rel="noreferrer">ci1.altlifelab.com:50022</a>' always;<br>    }<br><br>    listen 443 ssl; # managed by Certbot<br>    ssl_certificate /etc/letsencrypt/live/<a href="http://ci1.altlifelab.com/fullchain.pem" target="_blank" rel="noreferrer">ci1.altlifelab.com/fullchain.pem</a>; # managed by Certbot<br>    ssl_certificate_key /etc/letsencrypt/live/<a href="http://ci1.altlifelab.com/privkey.pem" target="_blank" rel="noreferrer">ci1.altlifelab.com/privkey.pem</a>; # managed by Certbot<br>    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot<br>    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot<br><br><br>}<br><br>server {<br>    if ($host = <a href="http://ci1.altlifelab.com" target="_blank" rel="noreferrer">ci1.altlifelab.com</a>) {<br>#        return 301 https://$host$request_uri;<br>return 301 <a href="https://myapps.microsoft.com/signin/ci2/a825dd26-fed2-4423-ae69-6a7d457b4b44?tenantId=eb9970cc-4803-4f6a-9ad2-e9b46042c5fd" target="_blank" rel="noreferrer">https://myapps.microsoft.com/signin/ci2/a825dd26-fed2-4423-ae69-6a7d457b4b44?tenantId=eb9970cc-4803-4f6a-9ad2-e9b46042c5fd</a>;<br>    } # managed by Certbot<br><br><br>    listen 80;<br>server_name <a href="http://ci1.altlifelab.com" target="_blank" rel="noreferrer">ci1.altlifelab.com</a>;<br>

return 301 <a href="https://myapps.microsoft.com/signin/ci2/a825dd26-fed2-4423-ae69-6a7d457b4b44?tenantId=eb9970cc-4803-4f6a-9ad2-e9b46042c5fd" target="_blank" rel="noreferrer">https://myapps.microsoft.com/signin/ci2/a825dd26-fed2-4423-ae69-6a7d457b4b44?tenantId=eb9970cc-4803-4f6a-9ad2-e9b46042c5fd</a>;

<br>}<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Nov 26, 2020 at 5:04 AM HARISH KUMAR Ivaturi <<a href="mailto:harishkumarivaturi@gmail.com" target="_blank" rel="noreferrer">harishkumarivaturi@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">I am not sure if you have configured nginx with https_module. Once try that. And also add proper headers in the nginx.conf like <div dir="auto"><br></div><div dir="auto">Listen 443 ssl;</div><div dir="auto">Certificates location</div><div dir="auto"><br></div><div dir="auto">BR</div><div dir="auto">Harish Kumar</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed 25 Nov, 2020, 3:53 PM Pavan P, <<a href="mailto:pavan45@gmail.com" target="_blank" rel="noreferrer">pavan45@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi,<div>I have configured nginx to authenticate with azure AD for login.</div><div><br></div><div>When I access the site <a href="http://abc.example.com" rel="noreferrer noreferrer" target="_blank">abc.example.com</a> it redirects to Azure for authentication and redirects me back once the authentication is complete.</div><div><br></div><div>How ever when I try to access the site with https <a href="http://abc.example.com" rel="noreferrer noreferrer" target="_blank">abc.example.com</a> it does not redirect for authentication.</div><div><br></div><div>Is there anyway I can get both http and https to redirect for azure auth.</div><div><br></div><div>Regards,</div><div>Pavan</div><div><br></div></div>
_______________________________________________<br>
nginx-devel mailing list<br>
<a href="mailto:nginx-devel@nginx.org" rel="noreferrer noreferrer" target="_blank">nginx-devel@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" rel="noreferrer noreferrer noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></blockquote></div>
_______________________________________________<br>
nginx-devel mailing list<br>
<a href="mailto:nginx-devel@nginx.org" target="_blank" rel="noreferrer">nginx-devel@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" rel="noreferrer noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></blockquote></div>
_______________________________________________<br>
nginx-devel mailing list<br>
<a href="mailto:nginx-devel@nginx.org" target="_blank" rel="noreferrer">nginx-devel@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" rel="noreferrer noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></blockquote></div>