ssl and nginx (just the web front end)

Hi, I would like my web front end for TeamCity to be SSL encrypted. So I am putting it behind nginx on the same server. I am using

 

server {
listen 443 ssl;
server_name xxx.net;

ssl_certificate xxx.cer;
ssl_certificate_key xxx.key;

ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;

ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;

location /teamcity {
proxy_pass http://localhost:8111/teamcity/;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $server_name:$server_port;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}

This works generally except when I go to a link like

https://dev.loqu8.net/teamcity/admin/createUser.html?init=1

then I get 400

The plain HTTP request was sent to HTTPS port

 

Is there any way around this? I note that it works if I go to 

https://dev.loqu8.net/teamcity/admin/createUser.html

 

 

 

2 comments

I was able to make headway on this after a hint from the myriad of web pages I clicked through. In the server.xml, you must add proxyPort="443" and scheme="https" to the default connector. I don't think this actually runs TeamCity in https, but it allows things to work right.

<Connector port="8111" protocol="org.apache.coyote.http11.Http11NioProtocol"
connectionTimeout="60000"
redirectPort="8543"
useBodyEncodingForURI="true"
socket.txBufSize="64000"
socket.rxBufSize="64000"
tcpNoDelay="1"
proxyPort="443"
scheme="https"
/>

0

If anybody face the same problem, please see the section How To Set Up behind a Proxy Server (also please review the "Other server" subsection).

0

Please sign in to leave a comment.