Nginx as reverse proxy for https traffic

Aleksandar Lazic al-nginx at none.at
Wed Apr 11 07:30:30 UTC 2018


Am 11.04.2018 um 07:11 schrieb Ajay Sonawane:
> I am trying to use Nginx as a reverse proxy in an environment where
> clients connects to my server (https://myserver:10443
> <https://myserver:10443/>). I am trying to use Nginx as a reverse proxy
> so that client will connect to Nginx proxy and Nginx will forward all
> requests to backend server. The communication is ssl communication on
> port 10443. I have installed and configured Nginx but still not able to
> connect to server through proxy. The configuration is
> 
> Not sure what I have done wrong. As of now, my backend is speaking to
> proxy on https on port 10443, but eventually it will be http on port 10443.

What's in the global and http server error log?
Which version of nginx do you use?

Best regards
Aleks

> http
> 
> {
> 
>    server
> 
>    {
> 
>     listen 10443;
> 
>     ssl on;
> 
>  
> 
>      access_log /var/log/nginx/ssl-access.log;
> 
>      error_log /var/log/nginx/ssl-error.log;
> 
>  
> 
>      location /
> 
>      {
> 
>         #chunked_transfer_encoding on;
> 
>         proxy_buffering off;
> 
>         proxy_pass https://MYSERVER:10443;
> 
>         proxy_set_header Host $host;
> 
>         proxy_set_header X-Real-IP $remote_addr;
> 
>         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> 
>         proxy_set_header X-Forwarded-Proto $scheme;
> 
>         #proxy_redirect off;
> 
>         #proxy_ssl_session_reuse off;
> 
>      }
> 
>  
> 
>      ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
> 
>      ssl_session_timeout 10m;
> 
>      keepalive_timeout 60;
> 
>      ssl_session_cache builtin:1000 shared:SSL:10m;
> 
>      ssl_ciphers   
> HIGH:!aNULL:!aNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
> 
>      ssl_prefer_server_ciphers on;
> 
>      ssl_certificate  /etc/nginx/certs/endpoint/nginx.cer;
> 
>      ssl_certificate_key /etc/nginx/certs/endpoint/nginx_d.key;
> 
>  
> 
>      #ssl_client_certificate /etc/nginx/certs/endpoint/nginx.cer;
> 
>      #ssl_verify_client off;
> 
>      #ssl_verify_depth 2;
> 
>  
> 
>    }
> 
> }
> 
>  
> 
> 
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 



More information about the nginx mailing list