Newbie: Trying to ssl-wrap Plone4 using non-standard port

Johannes Graumann johannes_graumann at web.de
Tue Sep 28 22:20:54 MSD 2010 

Igor Sysoev wrote:

> On Tue, Sep 28, 2010 at 07:17:13PM +0200, Johannes Graumann wrote:
> 
>> Hello,
>> 
>> I have a domain (www.graumannschaft.org) that points to a non-standard
>> ssl- port on a server I rent (h1616679.stratoserver.net:442), as 443 is
>> taken by an unrelated Apache instance.
>> The server now hold a virgin buildout of Plone4, listening on 8080.
>> I want to wrap that zope/plone cnnetion into ssl using NGINX and hsve so
>> fa the following:
>> 
>> server {
>>     listen   442;# Custom port as the standard 443 is taken by kolab
>>     server_name  www.graumannschaft.org;
>>     # SSL is using KOLAB generated credentials
>>     ssl  on;
>>     ssl_certificate  /kolab/etc/kolab/cert.pem;
>>     ssl_certificate_key  /kolab/etc/kolab/key.pem;
>>     ssl_session_timeout  5m;
>>     ssl_protocols  SSLv3 TLSv1;
>>     ssl_ciphers 
>>     ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
>>     ssl_prefer_server_ciphers   on;
>>     location / {
>>         proxy_pass http://localhost:8080;
>>     }
>>   }
>> 
>> This gets me to Plone4's "Plone is up and running. * Your Plone site has
>> not been added yet ..." age just fine, but clicking the button "Create a
>> new Plone Site" redirects me to localhost:8080, which unsurprisingly
>> doesn't work.
>> I'm obviously lacking rewriting, but whatever I have tried along the
>> lines of googled examples (which mostly rely n already up and running
>> plone sites and plone's VirtulHostMonster), has not worked.
>> 
>> Can someone lease nudge me into the right direction?
> 
>      location / {
>          proxy_pass      http://localhost:8080;
>          proxy_redirect  http://localhost:8080/ /;
>      }
> 
Thanks! I have now

server {
  listen   442;# This is a custom port as the standard 443 is taken by kolab
  server_name  www.graumannschaft.org h1616679.stratoserver.net;
  # SSL is using KOLAB generated credentials
  ssl  on;
  ssl_certificate  /kolab/etc/kolab/cert.pem;
  ssl_certificate_key  /kolab/etc/kolab/key.pem;
  ssl_session_timeout  5m;
  ssl_protocols  SSLv3 TLSv1;
  ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3 +EXP;
  ssl_prefer_server_ciphers   on;
  location / {
        proxy_pass      http://localhost:8080;
        proxy_redirect  http://localhost:8080/ /;
  }
}

But when trying to move on from plone's default start page (at 
https://h1616679.stratoserver.net:442/), I still end at 
http://localhost:8080/@@plone-addsite?site_id=Plone, which keeps not working 
...

Thanks for any hint, Joh

More information about the nginx mailing list