reverse proxy

Edho Arief edho at myconan.net
Tue Dec 11 10:01:09 UTC 2012


On Tue, Dec 11, 2012 at 4:47 PM, Dinoosh Nikapitiya
<dinoosh.niki at gmail.com> wrote:
> Hay Edho Arief,
> We already have the certificate for both www.mydomain.com and mydomain.com.
> But still get the error.
>

are they both in single certificate or separate? Check the DNS Name in
certificate's Subject Alternative Name. The correct certificate should
include both names (mydomain.com and www.mydomain.com) if you want to
have only one server block. Otherwise you have to create two separate
server block:

server {
  listen 443 ssl;
  server_name mydomain.com;
  ssl_certificate ...<for mydomain.com>;
  ssl_certificate_key ...;
  return 301 https://www.mydomain.com$request_uri;
}

server {
  listen 443 ssl;
  server_name www.mydomain.com;
  ssl_certificate ...<for www.mydomain.com>;
  ...
}

>
>>> When i check HTTP_X_URL_SCHEME on backend server it shows only http.
>>> Backend cannot understand if it is a http or https header.
>>>
>
>>How did you check it?
>
> Usually php can get those headers. I just used php scrip to get it.
>

My guess is apache overwritten the variable.



More information about the nginx mailing list