Can someone either tell me or point me to the correct documentation
on how to force a subdomain to use https only?
Eg. Client goes to http and gets forced to https.
Would it be useful for me to write up my config file showing how
authentication is done with https?
I did have some confusion with it myself.
Previous problem solved, using:
openssl req -new -x509 -nodes -out server.crt -keyout server.key
New issue, I can't seem to use the basic authentication with https.
Is authentication not supported over https?
I'm changing a nginx/fastcgi setup to use the proxy module but have hit
a small problem. The framework behind the proxy needs the environment
variable HTTPS set to on if the the original request was https. This was
possible in the fastcgi setup using "fastcgi_param HTTPS on;", but I
cannot find an equivalent in the proxy section (proxy_set_header appends
HTTP_ to the param name). Is there an equivalent to fastcgi_param in the
Please note Debian won't ship nginx 0.5 in their next release, Etch.
0.5.13 is available in Sid (development version) but Etch is stuck with
0.4.13. I requested an unfreeze, but it was denied (on the grounds of
'we won't ship newer software')
Ubuntu, however, will hopefully ship nginx 0.5.13 in their next release,
Feisty. As in Debian, they were stuck with 0.4.13 but I requested an
unfreeze which was granted (on the grounds of 'why not? it's stable')
In both operating systems, 0.5.13 has live binary substitution support
and it's built with:
./configure --conf-path=/etc/nginx/nginx.conf \
Please contact me if you need any further help about nginx in Debian and
Ubuntu. And thanks for your great work, people!
José Miguel Parrella Romero -> Debian Sid, k2.6.18
Escuela de Computación - Facultad de Ciencias
Universidad Central de Venezuela -> ucvlug.info
I used the following command to generate a self signed cert:
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout
domainname.tld.key -out domainname.tld.com.crt
I then restarted nginx and tried to access the page via https and
received an "ErrorCode: 12263" in firefox which translates to
I have used this method fine in apache 2.2 before.
What is the proper procedure for creating a self signed cert for nginx?
I run nginx on port 80 in front of apache with mod_backhand on port 81 on the same machine, which does the load balancing across backend apache servers.
Our application makes a redirect on a few rarely visited places and there apache generates a redirect in the form of http://domain:81/place/to/go. Thats get fed to the client, which sees a "connection refused" because of the closed 81 port.
What is the right way to fix this?
Obviously I need to rewrite that :81 somewhere into :80 or throw it away alltogether. I just don't understand the http proxying fully enough to see the solution. I think I either need some RewriteEngine magic on apache side or some proper rewrite statement on nginx side.
Thanks for help,