Hi guys,
I am having a jpro.one parsed javafx webpage/app hosted by an nginx
server. It is accessible via http://DOMAIN:8080. This is working as
intended.
Now I have configured nginx so that it listens on port 80 and 443, so that,
http://DOMAINNAME -> return https://DOMAINNAME and https://DOMAINNAME ->
return http://localhost:8080, which I want to do.
When I enter http://DOMAINNAME:8080, the page works as intended.
When I enter https://DOMAINNAME:8080, I get a warning about a bad
certificate, since jpro returns http content, so I suppose it is working as
intended. Additional question: Is there a way to get rid of the cert
warning?
When I enter http://DOMAINNAME I get redirected to the https page, so
working as intended.
BUT: When I enter https://DOMAINNAME, it just says the page is not
available. I expected to get redirected to http://localhost:8080.
My nginx config, checked with nginx -t, is syntax correct but fails to
redirect me on https access. These are my nginx config files in
/etc/nginx/conf.d/ I tried:
- jpro.conf:
Hi Christian,
On Tue, May 09, 2023 at 02:51:22PM +0200, Christian Rocholl wrote:
> Hi guys,
> I am having a jpro.one parsed javafx webpage/app hosted by an nginx
> server. It is accessible via http://DOMAIN:8080. This is working as
> intended.
>
> Now I have configured nginx so that it listens on port 80 and 443, so that,
> http://DOMAINNAME -> return https://DOMAINNAME and https://DOMAINNAME ->
> return http://localhost:8080, which I want to do.
This isn't a best design for the case.
[...]
> BUT: When I enter https://DOMAINNAME, it just says the page is not
> available. I expected to get redirected to http://localhost:8080.
[...]
> My nginx config, checked with nginx -t, is syntax correct but fails to
> redirect me on https access. These are my nginx config files in
> /etc/nginx/conf.d/ I tried:
>
> - jpro.conf:
> ```
> proxy_buffering off;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-Proto $scheme;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header Host $http_host;
> proxy_set_header Upgrade $http_upgrade;
> proxy_set_header Connection "upgrade";
> proxy_read_timeout 86400;
> proxy_http_version 1.1;
> ```
> and -DOMAIN.conf
> ```
> upstream ppcsc {
> server localhost:8080;
> }
I'd recommend to avoid using an FQDN, so it will look like this:
upstream ppcsc {
server 127.0.0.1:8080;
}
> server {
> listen 80;
> server_name DOMAINNAME;
> return 301 https://$http_host$request_uri;
> }
> server {
> listen 443 ssl;
> server_name DOMAINNAME;
> tcp_nodelay on;
> ssl_certificate FILE.cer;
> ssl_certificate_key FILE.key;
> ssl_protocols TLSv1.3;
> ssl_ciphers HIGH:!aNULL:!MD5;
> # return 301 http://ppcsc;
> return 301 http://$http_host:8080$request_uri;
> # location / { # proxy_pass http://ppcsc; # } }
The return directive needs to be removed from the
configuration file. Also, remove comment from the
beginning of the line with location /, so
location / {
proxy_pass http://ppcsc;
}
Enable debugging log, http://nginx.org/en/docs/debugging_log.html
to see what's going on and how nginx processes a request
to an application backend.
Hope that helps.
--
Sergey A. Osokin
proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_read_timeout 86400; proxy_http_version 1.1; ``` and -DOMAIN.conf
Thanks for the help and kind regards , Chris -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.nginx.org/pipermail/nginx/attachments/20230509/f88cc297/attachment.htm ```