Nginx Proxy SSL Verification
When using Nginx as a reverse proxy, you may need to handle SSL verification requests. Passing this request to the backend server may not do any good as back-end servers usually only handle application requests.
To handle SSL validation request, use the following Nginx Configuration
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
server { listen 80; server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN; location ^~ /.well-known/acme-challenge/ { allow all; autoindex on; root /var/www/html; } location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.0.0.1:4200; } } |
Now restart Nginx
1 |
service nginx restart |
You can get SSL with the following letsencrypt command
1 |
certbot --authenticator webroot --webroot-path /var/www/html --installer nginx -d DOMAIN.EXTN -d www.DOMAIN.EXTN |
If you have a redirect to HTTPS in your Nginx server block, use something like
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
server { listen 80; server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN; location ^~ /.well-known/acme-challenge/ { allow all; autoindex on; root /var/www/html; } location / { return 301 https://DOMAIN.EXTN$request_uri; } } |
See LetsEncrypt, Nginx