reverse proxy

Dinoosh Nikapitiya dinoosh.niki at gmail.com
Tue Dec 11 09:47:13 UTC 2012 

Hay Edho Arief,
We already have the certificate for both www.mydomain.com and mydomain.com.
But still get the error.


>> When i check HTTP_X_URL_SCHEME on backend server it shows only http.
>> Backend cannot understand if it is a http or https header.
>>

>How did you check it?

Usually php can get those headers. I just used php scrip to get it.

>Have you tried hardcoding https to the proxy set header?

Yes I tried that also. But still no luck.



On Tue, Dec 11, 2012 at 2:48 PM, Edho Arief <edho at myconan.net> wrote:

> On Tue, Dec 11, 2012 at 3:58 PM, Dinoosh Nikapitiya
> <dinoosh.niki at gmail.com> wrote:
> > Hi all,
> >
> > I configured an nginx server as a reverse proxy few months ago. i have
> > apache server as a back end of the reverse proxy. Every thing worked well
> > until i start to use ssl.
> >
> > When i try to redirect https://mydomain.com to https://www.mydomain.comit
> > gives me ssl untrusted error.
> >
>
> SSL is handled by nginx and not usually passed at all to backend. The
> error probably caused by nginx serving certificate for mydomain.com
> but the browser is accessing www.mydomain.com. Domain mismatch raises
> the error.
>
> Put a certificate for www.mydomain.com instead which usually already
> includes mydomain.com (depends on the provider) or create separate
> server block which has certificate for each domain (which probably
> better since it will skip backend entirely for the redirect).
>
> > When i check HTTP_X_URL_SCHEME on backend server it shows only http.
> > Backend cannot understand if it is a http or https header.
> >
>
> How did you check it? Have you tried hardcoding https to the proxy set
> header?
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



-- 
*Dinoosh Nikapitiya
IT Infrastructure Administrator
Mobile :- (077) 5 904 547*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20121211/65e53caf/attachment.html>

More information about the nginx mailing list