All: I discovered that the failing request is making a subsequent, asynchronous AJAX call to port 443 of Nginx where the connection is failing with "Certificate Unknown" against my self-signed certificate.
GET http://example.com/ajax/inc/1488440 HTTP/1.1 Host: example.com Connection: keep-alive Accept: application/json, text/javascript, */*; q=0.01 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36 X-Requested-With: XMLHttpRequest Referer: http://example.com/mp3/search?keywords=california+gurls Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=k6o4mq4np28bdr6n2g2pbgq190; zvAuth=1; zvLang=0; ZvcurrentVolume=100; nua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.75%20Safari%2F537.36; asus_token=81G3BJcZjrt06SpsxUrh; z1_n=5 HTTP/1.1 200 OK Server: nginx/1.19.2 Date: Sun, 08 Nov 2020 07:38:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __cfduid=d3d5b5d9e0cbf7321ca040f0b126eb6631604821113; expires=Tue, 08-Dec-20 07:38:33 GMT; path=/; domain=.example.com; HttpOnly; SameSite=Lax; Secure Vary: Accept-Encoding CF-Cache-Status: DYNAMIC cf-request-id: 064863f2fb00000b786e0c5000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uoLAfVO2XqMqj6FJI%2BwyHFz52QFckDptxRfYjClxWfJvGUxnyAlsIR5Im37T5tC2j%2Big2WIgIfXajj0EWpPBMCxdTtC5ZA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"report_to":"cf-nel","max_age":604800} CF-RAY: 5eeda297ffb90b78-AMS Content-Encoding: gzip CONNECT example.com:443 HTTP/1.1 Host: example.com:443 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36 334 7.593054 192.168.0.154 192.168.0.2 TLSv1.2 61 Alert (Level: Fatal, Description: Certificate Unknown) I'd like to force the AJAX connection over port 80 of Nginx. Is it possible to evaluate the Host header for :443 and if it exists change it to :80? If so, what's the most efficient way to accomplish this task? BTW... I've already implemented the proxy_redirect https:// http://; directive, which works well for the URL but not for the Host header. Thank you for your assistance. Respectfully, Gary Posted at Nginx Forum: https://forum.nginx.org/read.php?2,289905,289909#msg-289909 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
