Skip to content

Instantly share code, notes, and snippets.

@gvarela

gvarela/nginx.conf

Created April 19, 2011 16:05
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save gvarela/928606 to your computer and use it in GitHub Desktop.
Save gvarela/928606 to your computer and use it in GitHub Desktop.
Download ZIP
ssl proxy with nginx
Raw
nginx.conf
server {
listen 443 ssl;
server_name sg-wholesale.dev;
ssl on;
ssl_certificate ssl/sg-wholesale.dev.crt;
ssl_certificate_key ssl/sg-wholesale.dev.key;
keepalive_timeout 60;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1;
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
### Set headers ####
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
### Most PHP, Python, Rails, Java App can use this header ###
proxy_set_header X-Forwarded-Proto https;
### By default we don't want to redirect it ####
proxy_redirect off;
}
}
@elia
Copy link

elia commented Dec 5, 2011

btw it goes under

http {
  # ... previous conf
  # snippet here
}

@jamesgecko
Copy link

Here's the text of the blog post that was at http://shiny-bits-of-code.tumblr.com/post/4749553253/ssl-proxy-with-nginx:

SSL proxy with Nginx

I was working on a small project for my wife’s business integrating an online ordering system with Quickbooks web connector. The web connector requires an ssl connection since I am using a VM to run quickbooks as I develop on OS X. Most of the development servers don’t run SSL for obvious reasons so I needed a light weight method to have an SSL connection.

I happened upon this article http://www.cyberciti.biz/faq/howto-linux-unix-setup-nginx-ssl-proxy/ which made the setup super easy with a self signed cert. Currently I am using pow.cx as my dev server which binds it’s DNS resolver to localhost. So, all I have to do in the nginx proxy is set the proxy_pass to http://127.0.0.1 and the server name to my pow host (http://my-app.dev).

If you are using homebrew for nginx note that the reload command does not exist you have to use ‘kill -HUP pid’.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment