<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Petrosetta,<div class=""><br class=""><div class="">Question is your nginx server running on <b class="">the same </b>host as your owin / IIS server? </div><div class="">With OWIN / IIS listening only on port 80 and nginx only on port 443?</div><div class="">And both listening on the physical NIC (not localhost) and no firewall?</div><div class=""><br class=""></div><div class="">It looks as though you are wanting to do SSL termination and HTTP/2 with nginx </div><div class="">and proxy everything to OWIN/IIS - is that correct?</div><div class=""> </div><div class="">If it were me, I’d try to bisect the problem:</div><div class=""><br class=""></div><div class="">1. first repeat the test request (ideally with curl ) as an HTTP 1.1 request</div><div class="">2. If that didn’t work, configure a second VirtualHost in nginx on port 8080 that has no SSL and request that with curl</div><div class=""><br class=""></div><div class="">Also, your config suggests that your web server <b class="">might be</b> internet visible. </div><div class="">If It is, I would suggest that you try access these test URLs, and also directly</div><div class="">accessing your IIS using the <a href="http://redbot.org" class="">redbot.org</a> HTTP validator.</div><div class=""><br class=""></div><div class="">Good luck,</div><div class=""><br class=""></div><div class="">Peter</div><div class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 21 Jan 2019, at 9:23 AM, petrosetta <<a href="mailto:nginx-forum@forum.nginx.org" class="">nginx-forum@forum.nginx.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Morning all<br class="">I don;t know if anyone has ever had this problem bit I am attempting to put<br class="">an OWIN Server running on a Windows 2012 Server with IIS. Whenever we try to<br class="">log on going through the NGINX server, I get "Invalid login attempt. Verify<br class="">that your username and password are correct." I am sure the username and<br class="">password are correct. When I look in NGINX logs, I am seeing GET<br class="">/WebAccess/fonts/glyphicons-halflings-regular.woff2 HTTP/2.0" 404 1245<br class=""><a href="https://mywebsite/Content/css?v=looooong" class="">https://mywebsite/Content/css?v=looooong</a> string.<br class=""><br class="">My settings for this server in NGINX is the following:<br class=""><br class=""> listen 443 ssl http2;<br class=""> server_tokens off;<br class=""> more_clear_headers Server;<br class=""> server_name <a href="http://devmachine.mydomain.com" class="">devmachine.mydomain.com</a>;<br class=""> ssl on;<br class=""> ssl_certificate ssl/devmachine/certificate.crt;<br class=""> ssl_certificate_key ssl/devmachine/private-key.pem;<br class=""> ssl_dhparam ssl/dhparams.pem;<br class=""> ssl_ecdh_curve secp384r1;<br class=""> ssl_stapling on;<br class=""> ssl_stapling_verify on;<br class=""> ssl_trusted_certificate ssl/devmachine/certificate-trusted.crt;<br class=""> resolver 8.8.8.8 8.8.4.4 valid=300s;<br class=""> resolver_timeout 10s;<br class=""> ssl_protocols TLSv1.3 TLSv1.2;<br class=""> ssl_prefer_server_ciphers on;<br class=""> ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';<br class=""> ssl_session_cache shared:SSL:1m;<br class=""> ssl_session_timeout 1h;<br class=""> ssl_session_tickets off;<br class=""> add_header Strict-Transport-Security<br class="">"max-age=31536000;includeSubDomains" always;<br class=""> access_log /var/log/nginx/access.log main;<br class=""> log_not_found on;<br class=""><br class=""> location / {<br class=""> proxy_pass <a href="https://devserver" class="">https://devserver</a>;<br class=""> proxy_set_header Host $host;<br class=""> proxy_set_header X-Real-IP $remote_addr;<br class=""> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br class=""> proxy_set_header X-Forwarded-Proto $scheme;<br class=""> add_header X-Frame-Options SAMEORIGIN;<br class=""> add_header X-Content-Type-Options nosniff;<br class=""> add_header X-XSS-Protection "1; mode=block";<br class=""> proxy_ignore_client_abort on;<br class=""> proxy_buffering off;<br class=""> proxy_read_timeout 3600s;<br class=""> proxy_send_timeout 3600s;<br class=""> if ($limit_bots = 1) {<br class=""> return 403;<br class=""> }<br class=""> }<br class=""><br class="">Has anyone been able to get NGINX working with OWIN?<br class=""><br class="">Posted at Nginx Forum: <a href="https://forum.nginx.org/read.php?2,282762,282762#msg-282762" class="">https://forum.nginx.org/read.php?2,282762,282762#msg-282762</a><br class=""><br class="">_______________________________________________<br class="">nginx mailing list<br class=""><a href="mailto:nginx@nginx.org" class="">nginx@nginx.org</a><br class="">http://mailman.nginx.org/mailman/listinfo/nginx<br class=""></div></div></blockquote></div><br class=""></div></div></body></html>