Using NGINX as reverse proxy for OWA

Hi there,

I am trying to get NGINX running as some proxy for accessing OWA. My aim
is to provide company-internal OWA also externally but through NGINX
which will be running on the gateway then.

I followed the instructions of
http://planetit.ws/linux/debian/configuring-nginx-based-reverse-proxy-for-owa.html
to set it up. But I keep getting confusing “Content Encoding Errors”.

Let me explain what I did:

[*] I installed NGINX via apt-get on my Ubuntu machine.

[*] I slightly changed the nginx.conf so it lookes like this now:

user www-data;
worker_processes 2;

error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;
default_type text/plain;

access_log  /var/log/nginx/access.log;

tcp_nopush     off;
keepalive_timeout  65;
tcp_nodelay        on;

msie_padding on;
msie_refresh off;
server_name_in_redirect off;
server_names_hash_max_size 512;
server_names_hash_bucket_size 64;

gzip  off;

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;

}

[*] Then I created some file “http-proxy” in the sites-available folder
with the following content…

server {
listen 80;
server_name 192.168.10.157;
rewrite ^(,*) https://192.168.10.157$1 permanent;
}

…and enabled it.

[*] Now I created the file “https-proxy” with the following content…

server {
listen 443;
server_name 192.168.10.157;

    rewrite ^/$ https://192.168.10.157/exchange permanent;

    ssl  on;
    ssl_certificate  /etc/ssl/certs/myssl.crt;
    ssl_certificate_key  /etc/ssl/private/myssl.key;
    ssl_session_timeout  5m;

    proxy_read_timeout      360;
    proxy_set_header        Host $host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For 

$proxy_add_x_forwarded_for;

    location /exchange { proxy_pass 

https://sbs.domain.local/exchange; }
location /exchweb { proxy_pass
https://sbs.domain.local/exchweb; }
location /public { proxy_pass https://sbs.domain.local/public;
}

location /Microsoft-Server-ActiveSync { proxy_pass

https://sbs.domain.local/Microsoft-Server-ActiveSync; }
}

…and enabled it. As you can see the file is almost the same like on
the manual mentioned above. As we are still using SBS 2003 I changed the
location directive accordingly.

[*] Now I created my SSL cerificates. I followed the instructions on
http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-self-signed-ssl-certificates-and-nginx
… not to miss a thing. :wink:

[*] To be sure that the NGINX machine can resolve sbs.domain.local I
added some entry in /etc/hosts.

[*] I played around with several changes, i.e. …

[] … taking over the SBS’ SSL certificate
[
] … addressing the NGINX machine with its machine name
[*] … turning GZIP on and off.

… No luck!

I am sure that it’s just a small thing that I might have forgotten. But
I have no idea where to look. What can you suggest?

CU,
Mészi.

Posted at Nginx Forum: