Hi ,
after configuring Nginx SSL with Tomcat 7
if I Type URL: https://test.rockwell.co.in/testril (page Work Fine ! and secured)
now if I log in to my application, URL get changed to
http://test.rockwell.co.in:5323/testril/ (which is not expected)
and not secured
Where am i going Wrong !
Please guide me
Nginx config:
# Tomcat we're forwarding to
upstream tomcat_server {
server 127.0.0.1:9090 fail_timeout=0;
}
server {
listen 443 ssl;
server_name rockwell.co.in;
#HTTPS Setup
ssl on;
ssl_certificate rbundle.crt;
ssl_certificate_key testserver.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location / {
# Forward SSL so that Tomcat knows what to do
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://test.rockwell.co.in:5323;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_connect_timeout 240;
proxy_send_timeout 240;
proxy_read_timeout 240;
}
Tomcat Server Conf :
<Service name="Catalina">
<Connector port="5323" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443"
acceptCount="100"
compressableMimeType="text/html,text/xml,text/javascript,application/x-javascript,application/javascript"
compression="on"
compressionMinSize="2048"
disableUploadTimeout="true"
enableLookups="false"
maxHttpHeaderSize="8192"
Server =" "
usehttponly="true"
/>
<!-- A "Connector" using the shared thread pool-->
<Connector executor="tomcatThreadPool"
port="9090" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="x-forwarded-for"
ProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto"
protocolHeaderHttpsValue="https"/>
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
after configuring Nginx SSL with Tomcat 7
if I Type URL: https://test.rockwell.co.in/testril (page Work Fine ! and secured)
now if I log in to my application, URL get changed to
http://test.rockwell.co.in:5323/testril/ (which is not expected)
and not secured
Where am i going Wrong !
Please guide me
Nginx config:
# Tomcat we're forwarding to
upstream tomcat_server {
server 127.0.0.1:9090 fail_timeout=0;
}
server {
listen 443 ssl;
server_name rockwell.co.in;
#HTTPS Setup
ssl on;
ssl_certificate rbundle.crt;
ssl_certificate_key testserver.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location / {
# Forward SSL so that Tomcat knows what to do
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://test.rockwell.co.in:5323;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_connect_timeout 240;
proxy_send_timeout 240;
proxy_read_timeout 240;
}
Tomcat Server Conf :
<Service name="Catalina">
<Connector port="5323" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443"
acceptCount="100"
compressableMimeType="text/html,text/xml,text/javascript,application/x-javascript,application/javascript"
compression="on"
compressionMinSize="2048"
disableUploadTimeout="true"
enableLookups="false"
maxHttpHeaderSize="8192"
Server =" "
usehttponly="true"
/>
<!-- A "Connector" using the shared thread pool-->
<Connector executor="tomcatThreadPool"
port="9090" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="x-forwarded-for"
ProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto"
protocolHeaderHttpsValue="https"/>
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>