PHPFixing
  • Privacy Policy
  • TOS
  • Ask Question
  • Contact Us
  • Home
  • PHP
  • Programming
  • SQL Injection
  • Web3.0

Thursday, September 1, 2022

[FIXED] How to let the backend api handle https certificate?

 September 01, 2022     nginx, nginx-reverse-proxy     No comments   

Issue

I'm new to nginx.

I have a machine, behind my router, that runs a server and handles correctly 80 and 443 request with Https.

Problem is that I want to host a second website on another device but I have only one IP address. I bought a raspberry pi zero to use it as a reverse proxy behind my router. I install nginx and want to redirect all the request to my other machines. Both the RPI 0 and the old machine have local IP.

To redirect requests from my router to RPI 0 and then to my old machine, I used proxy_pass. On port 80 everything works fine, but on port 443 I get a certificate error on my browser.

Is it possible to let the whole request go on the old machine and let the old machine handles the https certificate like before ? Or is it mandatory to have the certificate processed by nginx ?

Diagram of the old but functional installation

Diagram of the old but functional installation

Current installation with certificate error

Current installation with certificate error

My configuration:

upstream backend_a {
    server 192.168.0.20:80;
}

upstream backend_a_s {
    server 192.168.0.20:443;
}

server {
    listen  80;
    server_name mydomain;

    location / {
        include proxy_params;
        proxy_pass http://backend_a;
    }
}

server {
    listen 443 ssl;
    server_name mydomain;

    location / {
        include proxy_params;
        proxy_pass https://backend_a_s;
    }
}

Solution

I found a solution. I need to use port forwarding. To do this in nginx, I need to use stream keyword.

stream {
   server {
        listen 443;
        proxy_pass 192.168.0.20:443;
   }
}

The stream keyword need to be at the same level as http, so I needed to edit /etc/nginx/nginx.conf source. Other solution is to manually compile a version of nginx, with the parameter --with-stream source.



Answered By - Marco
Answer Checked By - Mary Flores (PHPFixing Volunteer)
  • Share This:  
  •  Facebook
  •  Twitter
  •  Stumble
  •  Digg
Newer Post Older Post Home

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

Copyright © PHPFixing