[IE] Fwd: Problem with CAS on nginx configuration

Jason Whittington Jason.Whittington at equifax.com
Tue Nov 28 22:55:53 UTC 2017

It looks to me like the problem is that  siampapps.mp.crt is a weak certificate.  F12 tools in google show that it uses SHA-1 which is obsolete.   You should be able to fix this by generating a new cert using a more secure algorithm.

[cid:image005.jpg at 01D36869.C05AFE80]

From: nginx [mailto:nginx-bounces at nginx.org] On Behalf Of carlos maddaleno cuellar
Sent: Tuesday, November 28, 2017 9:45 AM
To: nginx at nginx.org
Subject: [IE] Fwd: Problem with CAS on nginx configuration


I wanted to know if some one could help me with a problem i have with my CAS, the problem is that i have a nginx that is responding to three diferent servers as a proxy, the thing is that i put the cas on one instance (server) but when it loads on


https://siamppapps.mp/cas it shows that is not navigating on a secure port as you can see

[Imágenes integradas 2]

but when i try directly on the ip of the server and the port it doesn't show any error

[Imágenes integradas 1]

this is my nginx configuration:


upstream nomina {
        server siampv4.mp:28080<http://siampv4.mp:28080>;

upstream siampv3.mp<http://siampv3.mp> {
        server siampv3.mp:28083<http://siampv3.mp:28083>;

upstream siampv5.mp<http://siampv5.mp> {
        server siampv5.mp:28080<http://siampv5.mp:28080>;

server {
        listen 443;
        client_max_body_size 8M;
        ssl on;
ssl_certificate /etc/nginx/siampapps.mp.crt;        # path to your cacert.pem
        ssl_certificate_key /etc/nginx/siampapps.mp.key;    # path to your privkey.pem
        server_name test.mp<http://test.mp>;
        # ......
        fastcgi_param   HTTPS               on;
        fastcgi_param   HTTP_SCHEME         https;
#location / {
#        root   /usr/share/nginx/html;
#        index  index.html index.htm;
#    }

location /nomina {
proxy_pass http://nomina;

location / {
proxy_pass http://siampv3.mp;

location /mailer {
proxy_pass http://siampv5.mp;

location /cas {

proxy_pass http://siampv5.mp;


thanks a lot!!

This message contains proprietary information from Equifax which may be confidential. If you are not an intended recipient, please refrain from any disclosure, copying, distribution or use of this information and note that such actions are prohibited. If you have received this transmission in error, please notify by e-mail postmaster at equifax.com. Equifax® is a registered trademark of Equifax Inc. All rights reserved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20171128/7c308330/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 24029 bytes
Desc: image005.jpg
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20171128/7c308330/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 50730 bytes
Desc: image006.png
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20171128/7c308330/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 42075 bytes
Desc: image007.png
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20171128/7c308330/attachment-0003.png>

More information about the nginx mailing list