Using NGINX as reverse proxy for OWA

Mon Oct 19 17:41:00 MSD 2009

Hi meszi. What version of nginx is running on your server?

I had to compile https support with nginx for my debian server. Dont know if this is the same for ubuntu.

Regards

ben

Sent from my Windows Mobile® phone.

-----Original Message-----
From: meszi <nginx-forum at nginx.us>
Sent: Monday, 19 October 2009 10:22 PM
To: nginx at sysoev.ru <nginx at sysoev.ru>
Subject: Using NGINX as reverse proxy for OWA

Hi there,

I am trying to get NGINX running as some proxy for accessing OWA. My aim is to provide company-internal OWA also externally but through NGINX which will be running on the gateway then.

I followed the instructions of http://planetit.ws/linux/debian/configuring-nginx-based-reverse-proxy-for-owa.html to set it up. But I keep getting confusing "Content Encoding Errors".

Let me explain what I did:

[*] I installed NGINX via apt-get on my Ubuntu machine.

[*] I slightly changed the nginx.conf so it lookes like this now:

user www-data;
worker_processes  2;

error_log  /var/log/nginx/error.log debug;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  text/plain;

    access_log  /var/log/nginx/access.log;

    tcp_nopush     off;
    keepalive_timeout  65;
    tcp_nodelay        on;

    msie_padding on;
    msie_refresh off;
    server_name_in_redirect off;
    server_names_hash_max_size 512;
    server_names_hash_bucket_size 64;

    gzip  off;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

[*] Then I created some file "http-proxy" in the sites-available folder with the following content...

server {
        listen 80;
        server_name 192.168.10.157;
        rewrite ^(,*) https://192.168.10.157$1 permanent;
}

...and enabled it.

[*] Now I created the file "https-proxy" with the following content...

server {
        listen 443;
        server_name 192.168.10.157;

        rewrite ^/$ https://192.168.10.157/exchange permanent;

        ssl  on;
        ssl_certificate  /etc/ssl/certs/myssl.crt;
        ssl_certificate_key  /etc/ssl/private/myssl.key;
        ssl_session_timeout  5m;

        proxy_read_timeout      360;
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

        location /exchange { proxy_pass https://sbs.domain.local/exchange; }
        location /exchweb  { proxy_pass https://sbs.domain.local/exchweb; }
        location /public   { proxy_pass https://sbs.domain.local/public; }
#       location /Microsoft-Server-ActiveSync { proxy_pass https://sbs.domain.local/Microsoft-Server-ActiveSync; }
}

...and enabled it. As you can see the file is almost the same like on the manual mentioned above. As we are still using SBS 2003 I changed the location directive accordingly.

[*] Now I created my SSL cerificates. I followed the instructions on http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-self-signed-ssl-certificates-and-nginx ... not to miss a thing. ;-)

[*] To be sure that the NGINX machine can resolve sbs.domain.local I added some entry in /etc/hosts.

[*] I played around with several changes, i.e. ...

[*] ... taking over the SBS' SSL certificate
[*] ... addressing the NGINX machine with its machine name
[*] ... turning GZIP on and off.

... No luck!

I am sure that it's just a small thing that I might have forgotten. But I have no idea where to look. What can you suggest?

CU,
Mészi.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,14903,14903#msg-14903

--
This message was scanned by ESVA and is believed to be clean.

--
This message was scanned by ESVA and is believed to be clean.