Re: config reverse proxy nginx to apache2

Bonjour,

     I  have  made  some  modification on my  nginx reverse proxy
     server.

     I have add these lines:

     listen 445;
     server_name *.domain.org;
     ssl on;
     ssl_certificate /etc/ssl/certs/file.crt; (same as apache)
     ssl_certificate_key   /etc/ssl/private/file.key;  (same  as
     apache)
     ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;

    I  have  access to my web server from outside, but I do not 

understand how
the ssl certificate is managed.

    Why  do  I  need  to add on nginx those certificates ? This is
    already handled by my apache server through his vhosts.

    How  to  deal  when  I have three vhosts, 2 have the same ssl
    certificate but the third one his using a different one.

    Thx


Cordialement,
Thierry e-mail : [email protected]

Is this apache behind nginx or nginx behing apache?.

Whichever be the case - The rule is that the frontend (or the server
terminating 443 ) need to have the cert configured as the web browsers
need
to talk to it with ssl .So in short if nginx is the frontend it must
have
the SSL eventhough apache(if the proxy backend) also has ssl on it.

All your individual vhost need individual ssl entries. If 2 vhost use
the
same cert all you have as an advantage is you can use the same filenames
.

Hi,

The nginx is the frontend.
My main apache web server has 3 vhosts.
vhost1 and vhost2 have the same ssl certif when vhost3 has a different
one.

I have add on my reverse proxy nginx the ssl_certificate and
ssl_certificate_key (same as my apache config) but how to deal with the
third ssl certif who is different from the two first one ?
Is it possible to split them ?

Thx

Is this apache behind nginx or nginx behing apache?.

Whichever be the case - The rule is that the frontend (or the
server terminating 443 ) need to have the cert configured as the web
browsers need to talk to it with ssl .So in short if nginx is the
frontend it must have the SSL eventhough apache(if the proxy backend) also has
ssl on it.

All your individual vhost need individual ssl entries. If 2 vhost
use the same cert all you have as an advantage is you can use the same filenames
.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs