I need your help for a strange problem :)
I have Geoserver on my server :
- it is a standalone daemon (not a WAR deployed in Tomcat)
- it is listening on 127.0.0.1:8280
- I have a PROXY_BASE_URL configured like this: https://geoserver.example.com/geoserver
- the option "Use headers for Proxy URL" is checked at this moment but I tried by unchecking it
I have a Nginx in front of Geoserver to manage the SSL offloading. The vhost is :
upstream backend-geoserver {
server 127.0.0.1:8280 weight=10 max_fails=3 fail_timeout=15s;
}
server {
server_name geoserver.example.com;
listen 443 ssl;
include snippets/ssl.conf;
access_log /var/log/nginx/access-geoserver.log;
error_log /var/log/nginx/error-geoserver.log;
location / {
rewrite ^ /geoserver;
}
location /geoserver {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://backend-geoserver/geoserver;
}
}
When I reach my server on https://geoserver.example.com it works: I see the home page of Geoserver
Important detail : the port 80 is closed and I can't open it myself: the Nginx server can only answer on 443
When I try to login, I have a connection timeout after X seconds and, at this moment, the URL in my browser (Firefox) is HTTP://geoserver.example.com/geoserver/ <--- please note the protocol is HTTP not HTTPS
If I replace http:// with https:// and press Enter: I reach the page
If I click on a link in Geoserver, same behavior: it switches on http:// and I have to force the URL manually.
Is anyone has an idea please ?!
Thank you very much :)
CodePudding user response:
You really should have to get that port 80 open and configure nginx to redirect unsecure traffic over to https://