For a server {} that you want to make both universally compatible with both
http port 80 and https port 443 ssl requests.
This was my solution for my own sites.
#inside http block
upstream proxy_web_rack { #port 80 unsecured requests
server 172.16.0.1:80;
}
upstream proxy_web_rack_ssl { #port 443 secured requests
server 172.16.0.1:443;
}
#end http block
#Server block
server {
listen 80;
listen 443 ssl;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
if ($scheme = "http") {
proxy_pass $scheme://proxy_web_rack; #if scheme was http send to port 80
}
if ($scheme = "https") {
proxy_pass $scheme://proxy_web_rack_ssl; #if scheme was https send to port
443
}
} #end location
}
#end server block
That way if the recieved request from client is a https secured one
proxy_pass will make sure that it goes over port 443 and remains secured.
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,272561,272589#msg-272589
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
