ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 


  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá












     áòèé÷ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: reverse proxy HTTP->HTTPS



You need to setup second server section, where you should configure ssl and copy your location(s), "servers" part of my config looks like, where server.conf contains locations:

server {
server_name xxxxxxxxxxxxxxxx;


listen zzzzzz:80;
access_log /data01/www/trading/logs/access_log.nossl;

error_log /data01/www/trading/logs/error_log.nginx warn;

include conf/server.conf;

}

server {
listen zzzzz:443;
server_name xxxxxxxxxxxxxxxxxxxxxx;

ssl on;
ssl_certificate /usr/local/nginx/conf/ssl.cert/server.cert;
ssl_certificate_key /usr/local/nginx/conf/ssl.key/server.key.unsecure;

ssl_session_cache shared:TRADING:150m;
ssl_session_timeout 10m;

access_log /data01/www/trading/logs/access_log.ssl;

error_log /data01/www/trading/logs/error_log.nginx warn;

include conf/server.conf;

}



dm.dv@xxxxxxx wrote:
Hi ALL!

Sorry for my silly question. I?m tying to set up NGINX as a reverse proxy to translate HTTP->HTTPS. Frontend (NGINX) and Backend (Sun Webserver 7.0) are situated at different servers. HTTP->HTTP work without any problem, but I cannot make works HTTP->HTTPS (if it is possible at all). OS: sun solaris 10 (sparc). Could you please tell me what I?m doing WRONG.

Thank you for your help.
My configuration:
---------------------------------------
user nginx;
worker_processes 2;

error_log logs/error.log;
error_log logs/error.log notice;

pid logs/nginx.pid;


events {
worker_connections 256;
}


http {
include mime.types;
default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log logs/access.log main;

sendfile on;
tcp_nopush on;

keepalive_timeout 65;
#gzip on;

server {
listen 80;
server_name wm1.idc.eng.domain.ca;

access_log logs/wm1.access.log main;
error_log logs/wm1.error.log debug;

location / {
proxy_pass https://wmail1.prod.domain.ca;
proxy_redirect default;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 10m;
client_body_buffer_size 128k;

client_body_temp_path /var/nginx/client_body_temp;

proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
#proxy_send_lowat 12000;

proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;

proxy_temp_path /var/nginx/proxy_temp;

}

}

}






 




Copyright © Lexa Software, 1996-2009.