Some problem with SSL on 0.6.31, same config works on 0.5.35
Paul
paul at gtcomm.net
Wed Jun 18 19:13:39 MSD 2008
SSL times out or gives blank page..
What has changed from 0.5.35 to 0.6.31 for ssl support?
Log file shows:
2008/06/18 09:24:04 [error] 21382#0: *33 upstream timed out (110:
Connection timed out) while reading upstream, client: x.x.x.x, server:
blah.com, request: "GET /favicon.ico HTTP/1.1", upstream:
"https://2.2.2.2:443/favicon.ico", host: "1.1.1.1"
It shows this on every SSL request to the backend.
Configuration ::
user www www;
worker_processes 16;
error_log logs/error.log;
worker_rlimit_nofile 65000;
events
{
worker_connections 40000;
}
http
{
access_log off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
output_buffers 8 256k;
server_tokens off;
ssl_verify_client off;
ssl_session_timeout 5m;
# cache_max_size 24;
gzip on;
# gzip_min_length 1100;
gzip_buffers 4 8k;
# gzip_types text/plain text/html text/xhtml text/css text/js;
proxy_buffering on;
proxy_buffer_size 1024k;
proxy_buffers 16 512k;
proxy_busy_buffers_size 4096k;
proxy_temp_file_write_size 1024k;
proxy_intercept_errors on;
client_body_buffer_size 2048k;
server
{
listen 1.1.1.1:443;
ssl on;
ssl_certificate /usr/local/nginx/conf/1234.crt;
ssl_certificate_key /usr/local/nginx/conf/1234.key;
location /
{
proxy_pass https://2.2.2.2;
proxy_redirect https://2.2.2.2/
http://$http_host/;
proxy_redirect default;
proxy_set_header Host
$host;
proxy_set_header X-Real-IP
$remote_addr;
proxy_set_header X-Forwarded-For
$remote_addr;
proxy_set_header X-FORWARDED_PROTO https;
}
}
}
More information about the nginx
mailing list