ssl accelerator
Igor Sysoev
is at rambler-co.ru
Thu Apr 30 16:08:09 MSD 2009
On Wed, Apr 29, 2009 at 10:08:49AM -0400, lovewadhwa wrote:
> Hi
>
> I m using nginx to configure ssl accelerator.Have specified the following in my configuration file to accomplish the same:
>
> upstream dev1.magazine.com{
> server dev1.magazine.com:8000;
> }
>
>
> server {
> listen 443;
> server_name 192.168.8.31;
> ssl on;
> ssl_certificate server.crt;
> ssl_certificate_key server.key;
> location / {
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header Host $http_host;
> proxy_set_header X-FORWARDED_PROTO https;
> proxy_redirect false;
> if (!-f $request_filename) {
> proxy_pass http://dev1.magazine.com;
> }
> root html;
> index index.html index.htm;
> }
>
> Setting the above things in my configuration file, i have my request say https://192.168.8.31 being translated to http://dev1.magazine.com on port 8000, but the page returned is over http instead of that being https. Please help.
Probably, you need to rewrite redirects:
proxy_redirect http://dev1.magazine.com:8000/ /;
Also, it's better to use this configuration
location / {
root html;
index index.html index.htm;
try_files $uri @magazine;
}
locaiton @magazine {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-FORWARDED_PROTO https;
proxy_pass http://dev1.magazine.com:8000;
}
without "if" and "upstream dev1.magazine.com".
By default
proxy_pass http://dev1.magazine.com:8000;
also adds
proxy_redirect http://dev1.magazine.com:8000/ /;
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list