Forum OpenACS Development: Re: Setup https

4: Re: Setup https (response to 2)
Posted by Iuri Sampaio on
Hi there,

I also found another thread regarding HTTPS issues:

I applied them to my installation. Thanks for the tip Victor

Furthermore, It turned out that I sort of figured out what was causing the error on my HTTPS installation ( The site works on HTTP but when forwarded to the link it gets broken.

Surprisingly, within the file config.tcl, instead of the localhost address (, if I set the parameter address as the external IP then HTTPS works.

set address
#set address

what would be the cause?

Btw, I am using NGINX proxy server

5: Re: Setup https (response to 4)
Posted by Torben Brosten on

If you are using nginx proxy server to serve https url, then trying to access aolserver directly via port 8443 would not work, because aolserver is not configured to serve port 8443 via https port. Instead, https port is served by the proxy server (nginx), where nginx is listening on the https port at the external address --a typical configuration for a proxy server.



6: Re: Setup https (response to 5)
Posted by Iuri Sampaio on

I am not using nginx server to serve https. See bellow the nginx config file for that instance.

server {

location / {

root /var/www/ezysource;
client_max_body_size 40M;

proxy_read_timeout 200;
proxy_connect_timeout 200;

proxy_set_header X-Forwarded-For $remote_addr;

The scenario I have now is:

1) The site works only through HTTPS. (I want it functioning for both HTTP and HTTPS. HTTPS must be used only to specific pages such as login, and etc. ( I am using ecommerce package.)

HTTP links are broken: "502 Bad Gateway"

I'm not sure but I think it isn't necessary to set up nginx to serve HTTPS. Is it?

7: Re: Setup https (response to 6)
Posted by Iuri Sampaio on
Ok. So far I believe I fixed HTTP to work together with HTTPS access.

I was blind for small details. I had forgotten to amend proxy_pass parameter on nginx config file.


Although, I still reluctant to accept the usage of external IP instead of local ( within nginx configuration's file as well as aolserver's config.tcl.

But anyway, at least it works now I can't deny that.