Question

NGINX configuration issue with reverse proxy and self signed keys

Hello everyone! I have issues with running my backend and frontend. First issue is to forward all requests to frontend which is running on localhost:9000 which is running on node.js and backend which is running on tomcat localhost:8080. For that I`m using configuration from offical nginx website.

 http {
        include       mime.types;
        default_type  application/octet-stream;
        sendfile        on;
    
        keepalive_timeout  65;
    
        gzip  on;     # tells the server to use on-the-fly gzip compression.
        upstream front {
            server localhost:9000;
            }
        upstream back {
            server localhost:8080;
            }
    
        server {
    
            listen       80;
    
            server_name  localhost;
     
          location /front {
                proxy_pass                    http://127.0.0.1:9000;
            }
          location /back {
                proxy_pass                    http://127.0.0.1:8080;
            }
        }

As result i’ve got 404 while requesting my public IP address.

Second issue is self signed keys I`m using following commands to create keys

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /app/conf/cert/private.key -out /app/conf/cert/fullchain.crt sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 as NGINX configuration i`m using this config

server {
        listen       443 ssl;
        server_name  localhost;
        ssl_certificate /app/conf/cert/fullchain.crt;
        ssl_certificate_key /app/conf/cert/private.key;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
    
        location /upstream {
            proxy_pass                    http://127.0.0.1:9000;
            proxy_ssl_certificate         /abc/conf/cert/fullchain.crt;
            proxy_ssl_certificate_key     /abc/conf/cert/private.key;
            proxy_ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
            proxy_ssl_ciphers             HIGH:!aNULL:!MD5;
            proxy_ssl_trusted_certificate /abc/conf/cert/fullchain.crt;
    
            proxy_ssl_verify        on;
            proxy_ssl_verify_depth  2;
            proxy_ssl_session_reuse on;
        }

As reply for request to <my_website>:443 I have:

400 Bad Request The plain HTTP request was sent to HTTPS port

Could anyone please advise what I`m doing wrong?

Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Rexford NkansahOctober 6, 2021
Accepted Answer

The first thing I notice is, your final request is <my_website>:443, but in your Nginx configuration, you’re saying <my_website>/front and <my_website>/back respectively.

Also, you don’t need the :443 at the end. Preceding the URL with http:// or https:// is enough.

You need to also redirect requests from the listen: 80; server block to the listen: 443 ssl; block.