Nginx Proxy SSL Verification

When using Nginx as a reverse proxy, you may need to handle SSL verification requests. Passing this request to the backend server may not do any good as back-end servers usually only handle application requests.

To handle SSL validation request, use the following Nginx Configuration

server {
    listen 80;
    server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;

    location ^~ /.well-known/acme-challenge/ {
        allow all;
        autoindex on;
        root /var/www/html;
    }

    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.1.2.1:4200;
    }
}

server {

listen 80;

server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;

location ^~ /.well-known/acme-challenge/ {

allow all;

autoindex on;

root /var/www/html;

}

location / {

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $remote_addr;

proxy_set_header Host $host;

proxy_pass http://127.1.2.1:4200;

}

Now restart Nginx

service nginx restart

1	service nginx restart

You can get SSL with the following letsencrypt command

certbot --authenticator webroot --webroot-path /var/www/html --installer nginx -d DOMAIN.EXTN -d www.DOMAIN.EXTN

1	certbot --authenticator webroot --webroot-path /var/www/html --installer nginx -d DOMAIN.EXTN -d www.DOMAIN.EXTN

If you have a redirect to HTTPS in your Nginx server block, use something like

server {
    listen 80;
    server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;

    location ^~ /.well-known/acme-challenge/ {
        allow all;
        autoindex on;
        root /var/www/html;
    }

    location / {
        return 301 https://DOMAIN.EXTN$request_uri;
    }
}