Forum OpenACS Development: Re: Setup https

Collapse
5: Re: Setup https (response to 4)
Posted by Torben Brosten on 08/05/12 10:16 AM
Iuri,

If you are using nginx proxy server to serve https url, then trying to access aolserver directly via port 8443 would not work, because aolserver is not configured to serve port 8443 via https port. Instead, https port is served by the proxy server (nginx), where nginx is listening on the https port at the external address --a typical configuration for a proxy server.

cheers,

Torben

Collapse
6: Re: Setup https (response to 5)
Posted by Iuri Sampaio on 08/05/12 04:28 PM
Torben,

I am not using nginx server to serve https. See bellow the nginx config file for that instance.

server {
listen 206.192.23.166:80;
server_name ezy.iurix.com;

location / {

root /var/www/ezysource;
client_max_body_size 40M;

proxy_read_timeout 200;
proxy_connect_timeout 200;

proxy_pass http://127.0.0.1:8040;
proxy_set_header X-Forwarded-For $remote_addr;
}

The scenario I have now is:

1) The site works only through HTTPS. (I want it functioning for both HTTP and HTTPS. HTTPS must be used only to specific pages such as login, and etc. ( I am using ecommerce package.)

HTTP links are broken: "502 Bad Gateway"

I'm not sure but I think it isn't necessary to set up nginx to serve HTTPS. Is it?

Collapse
7: Re: Setup https (response to 6)
Posted by Iuri Sampaio on 08/05/12 04:47 PM
Ok. So far I believe I fixed HTTP to work together with HTTPS access.

I was blind for small details. I had forgotten to amend proxy_pass parameter on nginx config file.

#proxy_pass http://127.0.0.1:8040;
proxy_pass http://206.192.23.166:8040;

Although, I still reluctant to accept the usage of external IP instead of local (127.0.0.1) within nginx configuration's file as well as aolserver's config.tcl.

But anyway, at least it works now I can't deny that.