Level 1
Change your proxy pass to use https:// instead of http://.
Dec 3, 2015
5
Level 1
Load balancer, ssl, 3 servers and redirect loop
I just set up 3 servers with laravel forge. 1 load balancer and 2 file servers that contains my laravel project.
I have installed my SSL-certificate on all three servers, and pointed my domain to the load balancer servers IP Address.
However, when accessing my sites url now, I get a redirect loop. Anyone got any suggestions?
Here is the config for the load balancer (Domain removed for question):
server { listen 80; server_name mydomain.no; return 301 https://mydomain.no$request_uri; }
include upstreams/mydomain.no;
server { listen 443 ssl; server_name .mydomain.no;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/mydomain.no/16768/server.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.no/16768/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mydomain.no-error.log error;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://116816_app/;
proxy_redirect off;
# Handle Web Socket connections
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
} And here is the nginx conf from my file servers:
server { listen 80; server_name mydomain.no; return 301 https://mydomain.no$request_uri; }
server { listen 443 ssl; server_name .mydomain.no; root /home/forge/mydomain.no/httpdocs/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/mydomain.no/16782/server.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.no/16782/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mydomain.no-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
server { listen 80; server_name mydomain.no; return 301 https://mydomain.no$request_uri; }
server { listen 443 ssl; server_name .mydomain.no; root /home/forge/mydomain.no/httpdocs/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/mydomain.no/16783/server.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.no/16783/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mydomain.no-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
Level 1
That only results in a 502 bad gateway
Level 1
Ok, so I figures that only the load balancer should run on port 443, and the file servers on port 80 with no SSL certificate set up on them.
Level 7
@olehaugset Can you help me with this ?
Level 7
5 years later i have the same problem only solution above doesnt work anymore. Thinks because of new protocols.
Please or to participate in this conversation.