https proxy to apache server
Jelle de Jong
jelledejong at powercraft.nl
Tue Jan 10 15:17:21 UTC 2012
On 10/01/12 15:38, Maxim Dounin wrote:
> Just use "https" instead of "http" here, i.e.
> proxy_pass https://192.168.24.66/;
I tried that, (did it again to be sure). I think the issues may be
somewhere else...
I removed the port 80 part of the config and only have the 443 now.
# checking: nginx is listing
# lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 30136 root 20u IPv4 482955 0t0 TCP *:https (LISTEN)
nginx 30137 www-data 20u IPv4 482955 0t0 TCP *:https (LISTEN)
nginx 30138 www-data 20u IPv4 482955 0t0 TCP *:https (LISTEN)
nginx 30139 www-data 20u IPv4 482955 0t0 TCP *:https (LISTEN)
nginx 30140 www-data 20u IPv4 482955 0t0 TCP *:https (LISTEN)
# checking: wierd response from ssl check, what is wrong?
# openssl s_client -connect localhost:443
CONNECTED(00000003)
31082:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:s23_clnt.c:607:
# nginx should be able to read the certs?
# output shorted for mail purpose
# su -c 'ls -hal /etc/ssl/certs/yessica-*' www-data
-rw-r--r-- 1 root root 1.4K Jan 7 16:42 /etc/ssl/certs/cert-request.pem
-rw-r--r-- 1 root root 2.9K Jan 7 16:42 /etc/ssl/certs/cert.pem
-r-------- 1 root root 1.7K Jan 7 16:42 /etc/ssl/certs/privatekey.pem
# the config...
server {
listen 443;
server_name calendar.powercraft.nl;
ssl on;
ssl_certificate /etc/ssl/certs/yessica-certificate.pem;
ssl_certificate_key /etc/ssl/certs/yessica--privatekey.pem;
access_log /var/log/nginx/calendar.secure.log;
error_log /var/log/nginx/calendar.error-secure.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_pass https://192.168.24.66/;
}
}
Thanks in advance,
Kind regards,
Jelle de Jong
More information about the nginx
mailing list