Reverse proxy SSL subdomain

Hi,

We have heterogeneous applications e and need centralizing requests on
Nginx.

I´m trying use reverse proxy on a subdomain and redirect requests to
Java
Glassfish. The problem occurs by default on listening subdomains. For
example:

server {
listen 80;
server_name subdomainA.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/appA/public;

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }

location ~ ^/(assets)/  {
  root /var/www/rails_apps/appA/public;
  gzip_static on;
  expires 30d;
  add_header Cache-Control public;
}
}

server {
listen 80;
server_name domain.com.br www.domain.com.br;
charset utf-8;
passenger_enabled on;
root /var/www/rails_apps/domain/public;

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }

location ~ ^/(assets)/  {
  root /var/www/rails_apps/domain/public;
  gzip_static on;
  expires 30d;
  add_header Cache-Control public;
}
}

Works fine! When access htttp://subdomainA.domain.com.br access app =>
/var/www/rails_apps/appA/public and http://www.domain.com.br access app
=>
/var/www/rails_apps/domain/public.

But, if i’ll trying use config bellow:

server {
### server port and name ###
listen 80;
listen 443 ssl;
ssl on;
server_name sudomainB.domain.com.br;

### SSL log files ###
access_log      logs/ssl-access.log;
error_log       logs/ssl-error.log;

### SSL cert files ###
ssl_certificate /opt/nginx/ssl/sudomainB.domain.com.br.crt;
    ssl_certificate_key /opt/nginx/ssl/sudomainB.domain.com.br.key;

### Add SSL specific settings here ###

ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout    60;
ssl_session_cache    shared:SSL:10m;
ssl_session_timeout  10m;

### We want full access to SSL via backend ###
location / {
   ### force timeouts if one of backend is died ##
  proxy_next_upstream error timeout invalid_header http_500 http_502

http_503 http_504;

  ### Set headers ####
  proxy_set_header        Accept-Encoding   "";
  proxy_set_header        Host            $host;
  proxy_set_header        X-Real-IP       $remote_addr;
  proxy_set_header        X-Forwarded-For 

$proxy_add_x_forwarded_for;

  ### Most PHP, Python, Rails, Java App can use this header ###
  #proxy_set_header X-Forwarded-Proto https;
  #This is better##
  proxy_set_header        X-Forwarded-Proto $scheme;
  add_header              Front-End-Https   on;

  ### By default we don't want to redirect it ####
  proxy_redirect     off;

  proxy_pass  http://GLASSFISH_IP;
}

}

When access https://sudomainB.domain.com.br i´m get an Timeout
Connection.
But, if i’m trying access https://domain.com.br, works fine and i
redirected
to glassfissh root app.

Why HTTPS://subdomainB.domain.com.br doesn’t work?

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,251551,251551#msg-251551

Hello!

On Tue, Jul 08, 2014 at 10:45:30AM -0400, picanha wrote:

[…]

listen 80;
listen 443 ssl;
ssl on;

Note that such a configuration is wrong. Connections to port 80
(plain http) will try to use SSL with such a configuration. The
“ssl” directive should be removed if you are configuring a single
http/https server.

See here for details:

http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server


Maxim D.
http://nginx.org/

Hello!

i need multiple server. One for each subdomain and some subdomains over
https… the subdomainB.domain.com.br i want use proxy glassfish over
SSL.

Thank you

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,251551,251554#msg-251554

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs