Skip to content

Instantly share code, notes, and snippets.

@pandurang90
Last active August 29, 2015 14:02
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save pandurang90/8f0c11819db4c866d985 to your computer and use it in GitHub Desktop.
nginx configure
# HTTPS server
#
server {
listen 443;
server_name server_url;
index index.html index.htm;
root /home/deploy/cingo/public;
ssl on;
ssl_certificate path/to/www.example.org.crt;
ssl_certificate_key path/to/www.example.org.key;
ssl_client_certificate path/to/ca/demoCA/cacert.pem;
ssl_verify_client optional;
ssl_verify_depth 1;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-FORWARDED_PROTO https;
proxy_set_header X-SSL-Client-S-DN $ssl_client_cert;
proxy_set_header X-CLIENT-VERIFY $ssl_client_verify;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://domain1;
break;
}
}
}
@paisleyrob
Copy link

line 18: location / {; shouldn't have a semi-colon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment