When using Nginx as a reverse proxy, you may need to handle SSL verification requests. Passing this request to the backend server may not do any good as back-end servers usually only handle application requests.
To handle SSL validation requests, use the following Nginx Configuration
server {
listen 80;
server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;
location ^~ /.well-known/acme-challenge/ {
allow all;
autoindex on;
root /var/www/html;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:4200;
}
}Now restart Nginx
service nginx restartYou can get SSL with the following letsencrypt command
certbot --authenticator webroot --webroot-path /var/www/html --installer nginx -d DOMAIN.EXTN -d www.DOMAIN.EXTNIf you have a redirect to HTTPS in your Nginx server block, use something like
server {
listen 80;
server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;
location ^~ /.well-known/acme-challenge/ {
allow all;
autoindex on;
root /var/www/html;
}
location / {
return 301 https://DOMAIN.EXTN$request_uri;
}
}See LetsEncrypt, Nginx
Leave a Reply