Reverse Proxy for Exchange 2010 Outlook Anywhere (RPC over HTTPS)

Xronos nginx-forum at nginx.us
Sun May 30 19:45:24 MSD 2010


Hi,

Ngnix has been configured as a reverse Proxy for an Exchange2010-Server (for OWA (Outlook Web Access) and Microsoft-Active-Sync). This works great. But I also want to use nginx for Outlook Anywhere (RPC over HTTPS). But this doesn’t work.  

This my nginx.conf

[code]
user www-data;
worker_processes 4;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
server_names_hash_bucket_size 64;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_comp_level 5;
gzip_http_version 1.0;
gzip_min_length 0;
gzip_types text/plain text/css image/x-icon application/x-javascript;
gzip_vary on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
[/code]


and my owa.conf under site-available


[code]
server {
        listen       80;
        server_name mail.externalDomain.com;

        # Redirect any HTTP request to HTTPS
        rewrite ^(.*) https://mail.externalDomain.com $1 permanent;

        error_log  /var/log/nginx/owa-error.log;
        access_log /var/log/nginx/owa-access.log;
}

server {
        listen       443;
        server_name mail.externalDomain.com;

        # Redirect from "/" to "/owa" by default
          rewrite ^/$ https:// mail.externalDomain.com/owa permanent;

        # Enable SSL
        ssl                     on;
        ssl_certificate         /etc/nginx/ssl.crt/exchange.crt;
        ssl_certificate_key     /etc/nginx/ssl.key/exchange.key;
        ssl_session_timeout     5m;

        # Set global proxy settings
        proxy_read_timeout      360;

        proxy_pass_header       Date;
        proxy_pass_header       Server;

        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

        location ~* ^/owa      { proxy_pass https://exchange2010.local; }
        location ~* ^/Microsoft-Server-ActiveSync { proxy_pass https://exchange2010.local; }
        location ~* ^/ecp { proxy_pass https://exchange2010.local; }
        location ~* ^/Rpc { proxy_pass https://exchange2010.local; }
        location ~* ^/mailarchiver { proxy_pass https://mailarchiver.local; }
        error_log /var/log/nginx/owa-ssl-error.log;
        access_log /var/log/nginx/owa-ssl-access.log;
}

server {
        listen       443;
        server_name autodiscover.externalDomain.com;

        # Enable SSL
        ssl                     on;
        ssl_certificate         /etc/nginx/ssl.crt/exchange.crt;
        ssl_certificate_key     /etc/nginx/ssl.key/exchange.key;
        ssl_session_timeout     5m;

        # Set global proxy settings
        proxy_read_timeout      360;

        proxy_pass_header       Date;
        proxy_pass_header       Server;

        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

        location ~* ^/Autodiscover { proxy_pass https://exchange2010.local; }

        error_log /var/log/nginx/owa-ssl-error.log;
        access_log /var/log/nginx/owa-ssl-access.log;
}
[/code]

Now if I open the internal URL of Rpc with my Browser i become an authentication, after i have me successful authorized i become a blank site.
if I open the external URL of Rpc with my Browser i become an authentication, after i have me successful authorized i become a "502 Bad Gateway" Error from ngnix.

Has anyone a solution for it?

Another question is it is possible to set nginx case insensitive globe for all locations? Because I can’t use ~* for this example.

[code]
location ~* ^/mailarchiver { proxy_pass https://exchange2010.local/mailarchiver3; }
[/code]

So I hope u understand my English but is a long time ago that I have to use it.


Thx and regards

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,92239,92239#msg-92239




More information about the nginx mailing list