Reverse proxy SSL subdomain
picanha
nginx-forum at nginx.us
Tue Jul 8 14:45:30 UTC 2014
Hi,
We have heterogeneous applications e and need centralizing requests on
Nginx.
I´m trying use reverse proxy on a subdomain and redirect requests to Java
Glassfish. The problem occurs by default on listening subdomains. For
example:
server {
listen 80;
server_name subdomainA.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/appA/public;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ ^/(assets)/ {
root /var/www/rails_apps/appA/public;
gzip_static on;
expires 30d;
add_header Cache-Control public;
}
}
server {
listen 80;
server_name domain.com.br www.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/domain/public;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ ^/(assets)/ {
root /var/www/rails_apps/domain/public;
gzip_static on;
expires 30d;
add_header Cache-Control public;
}
}
Works fine! When access htttp://subdomainA.domain.com.br access app =>
/var/www/rails_apps/appA/public and http://www.domain.com.br access app =>
/var/www/rails_apps/domain/public.
But, if i'll trying use config bellow:
server {
### server port and name ###
listen 80;
listen 443 ssl;
ssl on;
server_name sudomainB.domain.com.br;
### SSL log files ###
access_log logs/ssl-access.log;
error_log logs/ssl-error.log;
### SSL cert files ###
ssl_certificate /opt/nginx/ssl/sudomainB.domain.com.br.crt;
ssl_certificate_key /opt/nginx/ssl/sudomainB.domain.com.br.key;
### Add SSL specific settings here ###
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
### We want full access to SSL via backend ###
location / {
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
### Set headers ####
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
### Most PHP, Python, Rails, Java App can use this header ###
#proxy_set_header X-Forwarded-Proto https;
#This is better##
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
### By default we don't want to redirect it ####
proxy_redirect off;
proxy_pass http://GLASSFISH_IP;
}
}
When access https://sudomainB.domain.com.br i´m get an Timeout Connection.
But, if i'm trying access https://domain.com.br, works fine and i redirected
to glassfissh root app.
Why HTTPS://subdomainB.domain.com.br doesn't work?
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,251551,251551#msg-251551
More information about the nginx
mailing list