-
-
Save gvarela/928606 to your computer and use it in GitHub Desktop.
server { | |
listen 443 ssl; | |
server_name sg-wholesale.dev; | |
ssl on; | |
ssl_certificate ssl/sg-wholesale.dev.crt; | |
ssl_certificate_key ssl/sg-wholesale.dev.key; | |
keepalive_timeout 60; | |
ssl_session_timeout 5m; | |
ssl_protocols SSLv2 SSLv3 TLSv1; | |
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; | |
ssl_prefer_server_ciphers on; | |
location / { | |
proxy_pass http://127.0.0.1; | |
### force timeouts if one of backend is died ## | |
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; | |
### Set headers #### | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
### Most PHP, Python, Rails, Java App can use this header ### | |
proxy_set_header X-Forwarded-Proto https; | |
### By default we don't want to redirect it #### | |
proxy_redirect off; | |
} | |
} |
Here's the text of the blog post that was at http://shiny-bits-of-code.tumblr.com/post/4749553253/ssl-proxy-with-nginx:
SSL proxy with Nginx
I was working on a small project for my wife’s business integrating an online ordering system with Quickbooks web connector. The web connector requires an ssl connection since I am using a VM to run quickbooks as I develop on OS X. Most of the development servers don’t run SSL for obvious reasons so I needed a light weight method to have an SSL connection.
I happened upon this article http://www.cyberciti.biz/faq/howto-linux-unix-setup-nginx-ssl-proxy/ which made the setup super easy with a self signed cert. Currently I am using pow.cx as my dev server which binds it’s DNS resolver to localhost. So, all I have to do in the nginx proxy is set the proxy_pass to http://127.0.0.1 and the server name to my pow host (http://my-app.dev).
If you are using homebrew for nginx note that the reload command does not exist you have to use ‘kill -HUP pid’.
btw it goes under