I need the Nginx web server to connect to a https server listening on port 443. The https
server cannot be reached by Nginx
server machine directly and to reach the https
server the nginx
server needs to set the http_proxy
and https:proxy
parameters.
We are earlier using Apache and have achieved the same using ProxyRemote * http://10.23.45.32:3128
parameter which allows the apache server to connect to the remote https
server through the proxy server.
We are in the process of moving from apache to Nginx and need to know how to add the proxy rules so that Nginx
server can pass the request to https
server.
I have the below configuration set up for Nginx.
server {
listen 80;
server_name localhost;
access_log /var/log/nginx/localhost.access.log;
location / {
proxy_pass http://localhost:9000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
#below path is working fine
location /cities.json {
proxy_pass http://hostname.net:8080/cities.json;
}
#below rule is working fine
location /states/ {
proxy_pass http://hostname.net:8080;
}
#below rule is giving 504 gateway timeout error.
location /auth {
#cannot call https://authenticationserver.net directly and need to go through proxy by setting http_proxy to http://proxy.host.net:3128
proxy_pass https://authenticationserver.net:443;
}
}
In Apache, I used to do the below configuration to set the proxy:
<VirtualHost *:8000>
ServerName hostname.net
<Location /balancer-manager>
SetHandler balancer-manager
Order Deny,Allow
Deny from all
Allow from all
</Location>
<Proxy balancer://authncluster>
BalancerMember https://target.host.net
</Proxy>
<Proxy *>
Order Allow,Deny
Allow From All
</Proxy>
ProxyRemote * http://proxy.host.net:3128
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass /balancer-manager !
ProxyPass /authn/ balancer://authncluster/authn/
ProxyTimeout 300
</VirtualHost>
Hope this helps. Please let me know how to do the configuration in Nginx.
Best Answer
Something like this will do it (the paths will be wrong because your question doesn't appear to specify sufficient details. The key is that nginx chooses the most specific match possible - you can ready about that here.