Redirect loop in combination with https and apache

Hi,

We have a setup with tomcat/apache and nginx.

When a redirect occurs from the application from https to http, the
nginx
gets trapped in a redirect loop.

In the apache configuration we have this setting:

ExpiresActive On ExpiresDefault "access plus 1 month" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" .... more mimetypes

The nginx configuration has this location

location / {
    proxy_pass http://def-t-site1/;
    proxy_http_version 1.1;
    proxy_hide_header Expires;
    proxy_hide_header Last-Modified;
    proxy_redirect off;
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_cache http_def;
    proxy_cache_key $scheme://$host$uri$is_args$args;
    # proxy_cache_key "$scheme://$host$request_uri";
    proxy_cache_valid  200 302  10m;
    proxy_cache_valid  404      1m;
    add_header Cache-Control "public";
    add_header X-Cache-Status $upstream_cache_status;
    add_header X-Via $hostname;
}

a similar setting we have for 443 port (https).

If we remove ExpiresDefault “access plus 1 month” from apache, the
redirect
loop does not occur. The cache of nginx uses a TTL of 1 month after the
redirect occurs. This causes a redirect loop, since the https request is
cached as well.

So far, we tried several things

  • proxy_cache_valid 200 301 0m;
    No change in the TTL. The redirect loop is not solved, and the TTL is
    still
    a month.

Then we tried to configure the expire headers in nginx. That solves the
redirect, but unfortunately
the expire headers are not set. We tried for instance:

if ($upstream_http_content_type ~ “image/jpeg”) {
expires 2m;
}

or
map $upstream_http_content_type $new_cache_control_header_val {
default $upstream_http_cache_control;
“~*image/jpeg” “max-age=120, must-revalidate”;
}

but these settings did not have any effect on the TTL of the images.

So, is there a way to avoid the redirect loop and set the expire header
per
mimetype in nginx ?

Thanks!