<div dir="ltr">My config wotk fine with ssl proxy pass<div>
<p class=""><span class="">location / {</span></p>
<p class=""><span class=""> proxy_pass <a href="https://backend">https://backend</a>;</span></p>
<p class=""><span class=""> proxy_redirect off;</span></p>
<p class=""><span class=""> proxy_next_upstream error timeout invalid_header http_502 http_503 http_504;</span></p>
<p class=""><span class=""> proxy_connect_timeout 120s;</span></p>
<p class=""><span class=""> proxy_set_header Host $host;</span></p>
<p class=""><span class=""> proxy_set_header X-Real-IP $remote_addr;</span></p>
<p class=""><span class=""> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</span></p>
<p class=""><span class=""> proxy_set_header X-Forwarded-Proto $scheme;</span></p>
<p class=""><span class=""> }</span></p></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-06-23 12:26 GMT+03:00 romkaltu <span dir="ltr"><<a href="mailto:nginx-forum@forum.nginx.org" target="_blank">nginx-forum@forum.nginx.org</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Having odd situation, even don't know how to search in google, how to<br>
describe it...Anyway I'm using Nginx and proxy'ing https traffic to upstream<br>
server. Everything is fine with http (with others domains) but can't get it<br>
to work with https...<br>
<br>
Here is my nginx config<br>
<br>
upstream umarket { server <a href="http://192.168.2.11:443" rel="noreferrer" target="_blank">192.168.2.11:443</a>; }<br>
<br>
# Upstream<br>
server {<br>
listen 80;<br>
listen 443 ssl http2;<br>
server_name <a href="http://umarket.lt" rel="noreferrer" target="_blank">umarket.lt</a>;<br>
<br>
error_log /var/log/nginx/umarket.lt_error.log;<br>
<br>
add_header Strict-Transport-Security "max-age=31536000";<br>
<br>
ssl on;<br>
ssl_certificate<br>
/etc/nginx/ssl/<a href="http://umarket.lt/umarket_lt_chained.crt" rel="noreferrer" target="_blank">umarket.lt/umarket_lt_chained.crt</a>;<br>
ssl_certificate_key /etc/nginx/ssl/<a href="http://umarket.lt/server.key" rel="noreferrer" target="_blank">umarket.lt/server.key</a>;<br>
ssl_session_cache builtin:1000 shared:SSL:10m;<br>
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;<br>
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;<br>
ssl_prefer_server_ciphers on;<br>
<br>
proxy_redirect off;<br>
proxy_buffering off;<br>
proxy_set_header Host $host;<br>
proxy_set_header X-Real-IP $remote_addr;<br>
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br>
proxy_set_header X-Forwarded-Proto https;<br>
proxy_next_upstream error timeout invalid_header http_500<br>
http_502 http_503 http_504;<br>
proxy_ssl_session_reuse off;<br>
proxy_cache_bypass $http_secret_header;<br>
proxy_ignore_headers Set-Cookie;<br>
proxy_ignore_headers Cache-Control;<br>
<br>
location = / {<br>
<br>
proxy_pass $scheme://umarket;<br>
<br>
}<br>
<br>
}<br>
<br>
Here screenshot whats happening...<a href="http://i.stack.imgur.com/3CQc0.png" rel="noreferrer" target="_blank">http://i.stack.imgur.com/3CQc0.png</a><br>
<br>
Posted at Nginx Forum: <a href="https://forum.nginx.org/read.php?2,267806,267806#msg-267806" rel="noreferrer" target="_blank">https://forum.nginx.org/read.php?2,267806,267806#msg-267806</a><br>
<br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div><br></div>