Nginx as Reverse Proxy for Tomcat + SSL
Maxim Dounin
mdounin at mdounin.ru
Thu Nov 19 15:00:35 MSK 2009
Hello!
On Thu, Nov 19, 2009 at 06:50:02AM -0500, himesh wrote:
> Thanks Maxim,
>
> So i tried the setup, SSL connection between the client and Nginx ( ssl terminating at nginx) and then unencrypted from Nginx to Tomcat.
>
> This is what my nginx.conf file looks like....
>
> user www-data;
> worker_processes 1;
>
> error_log /var/log/nginx/error.log;
> pid /var/run/nginx.pid;
>
> events {
> worker_connections 1024;
> }
>
> http {
> include /etc/nginx/mime.types;
> default_type application/octet-stream;
>
> access_log /var/log/nginx/access.log;
>
> sendfile on;
> #tcp_nopush on;
>
> #keepalive_timeout 0;
> keepalive_timeout 65;
> tcp_nodelay on;
>
> gzip on;
>
> include /etc/nginx/sites-enabled/*;
>
>
>
> server {
>
> server_name himesh.com;
> listen 192.168.1.118:443;
> ssl on;
> ssl_certificate /etc/pound/himesh_com.crt;
> ssl_certificate_key /etc/pound/himesh.key;
>
> access_log /etc/pound/access.log;
>
> location / {
> proxy_set_header X-Forwarded-Host $host;
> proxy_set_header X-Forwarded-Server $host;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_pass http://10.10.1.113:8080/;
> proxy_redirect off;
> }
> }
>
> }
>
>
> Now form the client when i try https://himesh.com i get the the tomcat default page, that is all good.
>
> But https://himesh.com/abc ( abc is an application deployed in tomcat), the browser returns http://himesh.com/abc but now i don't have nginx listening on 80, so there is no answer . This only happens with https. It works fine when iam using just http..
>
> Please advice..
Depending on backend software you may need various quirks to make
this working. Usually correctly configured proxy_redirect is
enough.
See
http://wiki.nginx.org/NginxHttpProxyModule#proxy_redirect
for details.
Maxim Dounin
More information about the nginx
mailing list