Hi, My set up is as below:
NGINX (reverse proxy) -->IBM WebSeal (redirects to a common login page, after authentication forwards to internal proxy along with the redirected url) --> Internal Proxy (IBM http Server) --> WebSphere Portal. I am trying to access https://<host_name>/wps/seedlist/myserver?Source=com.ibm.lotus.search.plugins.seedlist.retriever.portal.PortalRetrieverFactory&Action=GetDocuments&Range=100&locale=en<https://%3chost_name%3e/wps/seedlist/myserver?Source=com.ibm.lotus.search.plugins.seedlist.retriever.portal.PortalRetrieverFactory&Action=GetDocuments&Range=100&locale=en> Host_name is the server_name on NGINX and the url is in the Portal server. When I am accessing it directly, replacing the host_name with Portal server IP/port, it works. With the host_name, I am getting the message as in the subject line, on the browser. My nginx config is below:- #Security server_tokens off; #Turn off version number add_header X-Frame-Options "SAMEORIGIN"; #Turn off click jacking; so no frames add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options nosniff; # Redirect all insecure requests to the secure port server { listen <IP_address>:80 ; server_name <server name>; return 301 https://<server_name>$request_uri; } # Serve SSL encrypted data server { listen <IP_address>:443 default_server ssl; add_header Strict-Transport-Security max-age=15768000; server_name <server_name>; access_log /web/nginx/servers/name/logs/access.log; error_log /web/nginx/servers/name/logs/ error.log; # Security ssl on; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4'; # Specify the certificate and key ssl_certificate /etc/nginx/ssl/name/server.name.com.crt; ssl_certificate_key /etc/nginx/ssl/name/server.name.com.key; location /download/ { rewrite ^/download/vadxeval$ "https://<server name>/mybrocade/secure/navigate?nid=n32&prodCode=VIRTUAL_ADX&pname=VADX_DOWNLOAD&completePath=downloads/Virtual ADX/Virtual ADX_Eval" break; rewrite ^/download/apitoolkit$ "https:// <server name>/mybrocade/secure/navigate?nid=n30&prodCode=BRD_API_SUPPORT&prodCatCode=API&pname=VYATTA_DOWNLOAD&completePath=Brocade API Toolkit" break; } location / { rewrite ^/$ https:// <server name>/wps/myportal/ break; rewrite ^/wps/portal$ http:// <server name>/wps/myportal/ break; index index.html; root /web/nginx/servers/name/conf; proxy_set_header Host $server_name; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://<webseal_hostname>/; proxy_read_timeout 90; } } Please help. Thanks, Krishna
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
