Question

NGINX configuration issue with reverse proxy and self signed keys

Posted October 4, 2021 173 views
Nginx

Hello everyone! I have issues with running my backend and frontend. First issue is to forward all requests to frontend which is running on localhost:9000 which is running on node.js and backend which is running on tomcat localhost:8080. For that I`m using configuration from offical nginx website.

 http {
        include       mime.types;
        default_type  application/octet-stream;
        sendfile        on;

        keepalive_timeout  65;

        gzip  on;     # tells the server to use on-the-fly gzip compression.
        upstream front {
            server localhost:9000;
            }
        upstream back {
            server localhost:8080;
            }

        server {

            listen       80;

            server_name  localhost;

          location /front {
                proxy_pass                    http://127.0.0.1:9000;
            }
          location /back {
                proxy_pass                    http://127.0.0.1:8080;
            }
        }

As result i’ve got 404 while requesting my public IP address.

Second issue is self signed keys I`m using following commands to create keys

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout
/app/conf/cert/private.key -out /app/conf/cert/fullchain.crt sudo
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
as NGINX configuration i`m using this config

server {
        listen       443 ssl;
        server_name  localhost;
        ssl_certificate /app/conf/cert/fullchain.crt;
        ssl_certificate_key /app/conf/cert/private.key;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;

        location /upstream {
            proxy_pass                    http://127.0.0.1:9000;
            proxy_ssl_certificate         /abc/conf/cert/fullchain.crt;
            proxy_ssl_certificate_key     /abc/conf/cert/private.key;
            proxy_ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
            proxy_ssl_ciphers             HIGH:!aNULL:!MD5;
            proxy_ssl_trusted_certificate /abc/conf/cert/fullchain.crt;

            proxy_ssl_verify        on;
            proxy_ssl_verify_depth  2;
            proxy_ssl_session_reuse on;
        }

As reply for request to <my_website>:443
I have:

400 Bad Request The plain HTTP request was sent to HTTPS port

Could anyone please advise what I`m doing wrong?

edited by MattIPv4

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

The first thing I notice is, your final request is <my_website>:443, but in your Nginx configuration, you’re saying <my_website>/front and <my_website>/back respectively.

Also, you don’t need the :443 at the end. Preceding the URL with http:// or https:// is enough.

You need to also redirect requests from the listen: 80; server block to the listen: 443 ssl; block.