Nginx Proxy SSL Verification

When using Nginx as a reverse proxy, you may need to handle SSL verification requests. Passing this request to the backend server may not do any good as back-end servers usually only handle application requests.

To handle SSL validation requests, use the following Nginx Configuration

server {
    listen 80;
    server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;

    location ^~ /.well-known/acme-challenge/ {
        allow all;
        autoindex on;
        root /var/www/html;
    }

    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:4200;
    }
}

Now restart Nginx

service nginx restart

You can get SSL with the following letsencrypt command

certbot --authenticator webroot --webroot-path /var/www/html --installer nginx -d DOMAIN.EXTN -d www.DOMAIN.EXTN

If you have a redirect to HTTPS in your Nginx server block, use something like

server {
    listen 80;
    server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN;

    location ^~ /.well-known/acme-challenge/ {
        allow all;
        autoindex on;
        root /var/www/html;
    }

    location / {
        return 301 https://DOMAIN.EXTN$request_uri;
    }
}

See LetsEncrypt, Nginx

Need help with Linux Server or WordPress? We can help!
Contact Us

Leave a Reply

Your email address will not be published. Required fields are marked *