Hi,
I am struggling in order to setup nginx as reverse proxy with HTTPS.
In current test setup I installed nginx on a CentOS 7 machine (host
192.168.1.115) and apache within a docker container.
Everything works fine as long as I use HTTP only.
However if I enable SSL, my browser always ends up in getting response code
400 (bad request).
ssl_certificate "/etc/nginx/cert.crt";
ssl_certificate_key "/etc/nginx/cert.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 1m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
server {
listen 443 ssl;
server_name .hello.com;
location / {
proxy_pass http://127.0.0.1:8000;
}
}
In error.log I read:
2017/10/04 17:40:06 [info] 5695#0: *27 client sent invalid request while
reading client request line, client: 192.168.1.120, server: , request:
"CONNECT alpha.hello.com:443 HTTP/1.1"
On the other hand, if I run in a terminal:
openssl s_client -connect 192.168.1.115:443
and then I enter
GET https://alpha.hello.com/
I get the expected content (in this case error.log just prints
2017/10/04 18:15:41 [debug] 15843#0: *40 http request line: "GET
https://alpha.ciao.com/";
)
By the way, I tried different browsers, but the proxy configuration should
be pretty simple: I always set 192.168.1.115:443 as HTTPS/SSL proxy or as
proxy for all protocols (actually I aim to use HTTPS only)
What is my mistake? Is anything missing in nginx configuration? Is there a
proxy setup in the browser I am not aware of?
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,276690,276690#msg-276690
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
