[SOLVED] Re: Newbie: Trying to ssl-wrap Plone4 using non-standard port
Johannes Graumann
johannes_graumann at web.de
Fri Oct 1 12:11:00 MSD 2010
Opening the default 8080 port to setup a plone site ("PloneSiteName")
independent of NGINX and figuring out how to access plone's
VirtualHostMonster fixed this.
I now run successfully
server {
listen 8443;# Custom port as the standard 443 is taken by kolab
server_name myserver.net;
# SSL is using KOLAB generated credentials
ssl on;
ssl_certificate /kolab/etc/kolab/cert.pem;
ssl_certificate_key /kolab/etc/kolab/key.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass
http://localhost:8080/VirtualHostBase/https/myserver.net:8443/PloneSiteName/VirtualHostRoot/;
}
}
Cheers, Joh
Johannes Graumann wrote:
> mat h wrote:
>
>> try using 127.0.0.1 instead of localhost.
>
> Thanks. Trying to go beyond the start age I now get stuck with a failing
> http://127.0.0.1:8080/@@plone-addsite?site_id=Plone ...
>
> Joh
>
>>
>> On Wed, Sep 29, 2010 at 4:20 AM, Johannes Graumann
>> <johannes_graumann at web.de> wrote:
>>> Igor Sysoev wrote:
>>>
>>>> On Tue, Sep 28, 2010 at 07:17:13PM +0200, Johannes Graumann wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>> I have a domain (www.graumannschaft.org) that points to a non-standard
>>>>> ssl- port on a server I rent (h1616679.stratoserver.net:442), as 443
>>>>> is taken by an unrelated Apache instance.
>>>>> The server now hold a virgin buildout of Plone4, listening on 8080.
>>>>> I want to wrap that zope/plone cnnetion into ssl using NGINX and hsve
>>>>> so fa the following:
>>>>>
>>>>> server {
>>>>> listen 442;# Custom port as the standard 443 is taken by kolab
>>>>> server_name www.graumannschaft.org;
>>>>> # SSL is using KOLAB generated credentials
>>>>> ssl on;
>>>>> ssl_certificate /kolab/etc/kolab/cert.pem;
>>>>> ssl_certificate_key /kolab/etc/kolab/key.pem;
>>>>> ssl_session_timeout 5m;
>>>>> ssl_protocols SSLv3 TLSv1;
>>>>> ssl_ciphers
>>>>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
>>>>> ssl_prefer_server_ciphers on;
>>>>> location / {
>>>>> proxy_pass http://localhost:8080;
>>>>> }
>>>>> }
>>>>>
>>>>> This gets me to Plone4's "Plone is up and running. * Your Plone site
>>>>> has not been added yet ..." age just fine, but clicking the button
>>>>> "Create a new Plone Site" redirects me to localhost:8080, which
>>>>> unsurprisingly doesn't work.
>>>>> I'm obviously lacking rewriting, but whatever I have tried along the
>>>>> lines of googled examples (which mostly rely n already up and running
>>>>> plone sites and plone's VirtulHostMonster), has not worked.
>>>>>
>>>>> Can someone lease nudge me into the right direction?
>>>>
>>>> location / {
>>>> proxy_pass http://localhost:8080;
>>>> proxy_redirect http://localhost:8080/ /;
>>>> }
>>>>
>>> Thanks! I have now
>>>
>>> server {
>>> listen 442;# This is a custom port as the standard 443 is taken by
>>> kolab server_name www.graumannschaft.org h1616679.stratoserver.net;
>>> # SSL is using KOLAB generated credentials
>>> ssl on;
>>> ssl_certificate /kolab/etc/kolab/cert.pem;
>>> ssl_certificate_key /kolab/etc/kolab/key.pem;
>>> ssl_session_timeout 5m;
>>> ssl_protocols SSLv3 TLSv1;
>>> ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3 +EXP;
>>> ssl_prefer_server_ciphers on;
>>> location / {
>>> proxy_pass http://localhost:8080;
>>> proxy_redirect http://localhost:8080/ /;
>>> }
>>> }
>>>
>>> But when trying to move on from plone's default start page (at
>>> https://h1616679.stratoserver.net:442/), I still end at
>>> http://localhost:8080/@@plone-addsite?site_id=Plone, which keeps not
>>> working ...
>>>
>>> Thanks for any hint, Joh
>>>
>>>
>>>
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://nginx.org/mailman/listinfo/nginx
>>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://nginx.org/mailman/listinfo/nginx
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list