PHPFixing
  • Privacy Policy
  • TOS
  • Ask Question
  • Contact Us
  • Home
  • PHP
  • Programming
  • SQL Injection
  • Web3.0

Thursday, September 1, 2022

[FIXED] How can I make nginx reverse proxy for localhost when connectd with IP address?

 September 01, 2022     localhost, nginx, nginx-reverse-proxy, ssl     No comments   

Issue

I made reverse proxy on my nginx like this

server {
    listen       80;
    server_name  localhost;

    return 301 https://[my domein]$request_uri;

}

this works well, when I access http://xxx.xxx.xxx.xxx/index.html. My nginx redirect to https://[my domain]/index.html

But, when I access https://xxx.xxx.xxx.xxx/index.html Chrome shows “Your connection is not private” error. Self-signed certificates do not help avoid this error. A CA-signed certificate is required. In this case, how do I get the SSL certificate for localhost? It is localhost. No one could issue a localhost certificate, I think.

Does anyone know a good way to solve this problem?


Solution

Use mkcert.

Install mkcert

sudo apt install libnss3-tools

Check mkcert releases page for the latest version. As of this writing, the latest release is.v1.4.3

export VER="v1.4.3"
wget -O mkcert https://github.com/FiloSottile/mkcert/releases/download/${VER}/mkcert-${VER}-linux-amd64
chmod +x mkcert
sudo mv mkcert /usr/local/bin

Install certificate generate locally trusted SSL certificates

mkcert -install
ls -1 ~/.local/share/mkcert
mkdir ~/cert && cd ~/cert
mkcert crm.site '*.crm.site' localhost 127.0.0.1 ::1

Add to nginx

sudo nano /etc/nginx/sites-available/crm.site
server {
   listen *:443 ssl http2;
   index index.php;
   root /home/andrey/crm.site;
   server_name crm.site *.crm.site;

   ssl_certificate /home/andrey/cert/crm.site+4.pem;
   ssl_certificate_key /home/andrey/cert/crm.site+4-key.pem;

        client_max_body_size 128M;
        client_body_buffer_size 128k;

        location / {
                try_files $uri $uri/ /index.php?$args;
                add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        }
}

and restart nginx

sudo service nginx restart


Answered By - Andrey
Answer Checked By - Mildred Charles (PHPFixing Admin)
  • Share This:  
  •  Facebook
  •  Twitter
  •  Stumble
  •  Digg
Newer Post Older Post Home

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

Copyright © PHPFixing