I have Googled and looked at various sample SSL configurations and it
seems like I’ve got things set up right, but there are two problems I
can’t seem to fix:
- When I load https://dev.mysite.com, the lock that should appear in
the upper right corner of the browser window does not appear. - The Java application behind the scenes uses httpUtil.GetRequestURL()
to get the current request and it is getting http://dev.mysite.com
instead of https://dev.mysite.com.
I have tried setting the Host header to $host instead of $http_host, and
I’ve tried setting proxy_redirect to set the URL to
https://dev.mysite.com, but neither had any effect. Setting Host to
https://dev.mysite.com fixes the browser lock problem but appears to
make the proxy_pass redirect stop happening, as I get a nice secure
blank page.
My SSL server config is below. Can someone please tell me what I’ve done
wrong?
server {
listen 443 default ssl;
server_name dev.mysite.com;
access_log /var/log/nginx/dev_mysite_access.log;
error_log /var/log/nginx/dev_mysite_error.log;
ssl_certificate /export/nginx/certs/mysite.com.crt;
ssl_certificate_key /export/nginx/certs/mysite.com.key;
location / {
# give site more time to respond
proxy_read_timeout 120;
# needed to forward user's IP address
proxy_set_header X-Real-IP $remote_addr;
# needed for HTTPS
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_pass http://localhost:8081;
}
}
Posted at Nginx Forum: