This is the first time I try to setup an nginx reverse proxy. What I want is I have a Subversion server running http on port 44801.
Now I want to use nginx to listen on port 80 and forward but also listen on 443, do the ssl termination and then forward.
This is my conf file:
server {
# Port 80 only on local network
listen 80;
server_name freundx;
location /svn {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://freundx:44801/svn;
}
}
server {
# ssl is local and external
listen 443 ssl;
server_name freundx some.domain.com;
ssl_certificate /etc/niginx/ssl/mycert.crt;
ssl_certificate_key /etc/niginx/ssl/mycert.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location /svn {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://freundx:44801/svn;
}
}
For example, when I open https://freundx/svn, following happens:
- Browser asks (correctly) for the credentials on https
- Browser asks a second time for credentials, now for http
- Now I'm on http
Surely there is missing something in the config. But what? ;-)
Just for information if anyone stumbles upon this problem, too. I was new to nginx and created several config files, some of them for the same serve_name. This doesn't work, a server_name should be used only once. So I now ended up in having one config per subdomain.