On Sun, Nov 08, 2020 at 03:42:05AM -0500, [email protected] wrote: Hi there,
> I discovered that the failing request is making a subsequent, asynchronous > AJAX call to port 443 of Nginx where the connection is failing with > "Certificate Unknown" against my self-signed certificate. I'm not quite sure what your architecture is -- what part involves nginx, and what part involves other things. Can you show why the ajax request is going to https? As in -- what part of the previous response invites it to request https instead of the http that you want? Probably changing *that* part, will make the whole thing work better. (Or: if you are running nginx with https that remote clients should connect to, can you arrange that the certificate used is acceptable to all clients?) > GET http://example.com/ajax/inc/1488440 HTTP/1.1 That's a http request... > HTTP/1.1 200 OK ...with a normal response... > CONNECT example.com:443 HTTP/1.1 ...and then that happened. That's a http client talking to a http proxy asking to talk through to a remote https server (probably). Where did that come from? > I'd like to force the AJAX connection over port 80 of Nginx. Is it possible > to evaluate the Host header for :443 and if it exists change it to :80? If > so, what's the most efficient way to accomplish this task? If I understand things correctly -- by the time nginx sees this Host: header, the request has been made; so it is too late to change what the client does. You probably need to examine the previous response, to see what can be changed there. I have no specific suggestions right now; hopefully this description gives you a hint as to what you might be able to do. Good luck with it, f -- Francis Daly [email protected] _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
