Once try this. https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/
And configure again with auth proxy module On Thu 26 Nov, 2020, 6:17 AM Pavan P, <[email protected]> wrote: > Yes Harish, Certificate is working fine. > > root@ip-172-31-33-18:~# nginx -V > nginx version: nginx/1.10.3 (Ubuntu) > built with OpenSSL 1.0.2g 1 Mar 2016 > TLS SNI support enabled > configure arguments: --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong > -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' > --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' > --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf > --http-log-path=/var/log/nginx/access.log > --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock > --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body > --http-fastcgi-temp-path=/var/lib/nginx/fastcgi > --http-proxy-temp-path=/var/lib/nginx/proxy > --http-scgi-temp-path=/var/lib/nginx/scgi > --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit > --with-ipv6 --with-http_ssl_module --with-http_stub_status_module > --with-http_realip_module --with-http_auth_request_module > --with-http_addition_module --with-http_dav_module --with-http_geoip_module > --with-http_gunzip_module --with-http_gzip_static_module > --with-http_image_filter_module --with-http_v2_module > --with-http_sub_module --with-http_xslt_module --with-stream > --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-threads > (base) root@ip-172-31-33-18:~# > > On Thu, Nov 26, 2020 at 10:43 AM HARISH KUMAR Ivaturi < > [email protected]> wrote: > >> 1) once type nginx -V and send rhe output. >> >> 2) certificate - certificate.cert >> Certificate_key - certificate.key >> >> Once recheck the certs section and make sure that you have generated with >> certificates with openssl properly. >> >> BR >> Harish Kumar >> >> On Thu 26 Nov, 2020, 5:27 AM Pavan P, <[email protected]> wrote: >> >>> Hi Harish, >>> Below is the config of my nginx. Https module is configured fine. Please >>> let me know if I have missed anything. >>> >>> server { >>> server_name ci1.altlifelab.com; >>> >>> location / { >>> proxy_set_header Host $host:$server_port; >>> proxy_set_header X-Real-IP $remote_addr; >>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; >>> proxy_set_header X-Forwarded-Proto $scheme; >>> >>> >>> # Fix the "It appears that your reverse proxy set up is broken" >>> error. >>> proxy_pass http://127.0.0.1:9080; >>> proxy_read_timeout 90; >>> >>> proxy_redirect http://127.0.0.1:9080 >>> http://www.ci1.altlifelab.com; >>> >>> # Required for new HTTP-based CLI >>> proxy_http_version 1.1; >>> proxy_request_buffering off; >>> # workaround for >>> https://issues.jenkins-ci1.org/browse/JENKINS-45651 >>> add_header 'X-SSH-Endpoint' 'ci1.altlifelab.com:50022' always; >>> } >>> >>> listen 443 ssl; # managed by Certbot >>> ssl_certificate /etc/letsencrypt/live/ >>> ci1.altlifelab.com/fullchain.pem; # managed by Certbot >>> ssl_certificate_key /etc/letsencrypt/live/ >>> ci1.altlifelab.com/privkey.pem; # managed by Certbot >>> include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot >>> ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot >>> >>> >>> } >>> >>> server { >>> if ($host = ci1.altlifelab.com) { >>> # return 301 https://$host$request_uri; >>> return 301 >>> https://myapps.microsoft.com/signin/ci2/a825dd26-fed2-4423-ae69-6a7d457b4b44?tenantId=eb9970cc-4803-4f6a-9ad2-e9b46042c5fd >>> ; >>> } # managed by Certbot >>> >>> >>> listen 80; >>> server_name ci1.altlifelab.com; >>> return 301 >>> https://myapps.microsoft.com/signin/ci2/a825dd26-fed2-4423-ae69-6a7d457b4b44?tenantId=eb9970cc-4803-4f6a-9ad2-e9b46042c5fd; >>> >>> } >>> >>> On Thu, Nov 26, 2020 at 5:04 AM HARISH KUMAR Ivaturi < >>> [email protected]> wrote: >>> >>>> I am not sure if you have configured nginx with https_module. Once try >>>> that. And also add proper headers in the nginx.conf like >>>> >>>> Listen 443 ssl; >>>> Certificates location >>>> >>>> BR >>>> Harish Kumar >>>> >>>> On Wed 25 Nov, 2020, 3:53 PM Pavan P, <[email protected]> wrote: >>>> >>>>> Hi, >>>>> I have configured nginx to authenticate with azure AD for login. >>>>> >>>>> When I access the site abc.example.com it redirects to Azure for >>>>> authentication and redirects me back once the authentication is complete. >>>>> >>>>> How ever when I try to access the site with https abc.example.com it >>>>> does not redirect for authentication. >>>>> >>>>> Is there anyway I can get both http and https to redirect for azure >>>>> auth. >>>>> >>>>> Regards, >>>>> Pavan >>>>> >>>>> _______________________________________________ >>>>> nginx-devel mailing list >>>>> [email protected] >>>>> http://mailman.nginx.org/mailman/listinfo/nginx-devel >>>> >>>> _______________________________________________ >>>> nginx-devel mailing list >>>> [email protected] >>>> http://mailman.nginx.org/mailman/listinfo/nginx-devel >>> >>> _______________________________________________ >>> nginx-devel mailing list >>> [email protected] >>> http://mailman.nginx.org/mailman/listinfo/nginx-devel >> >> _______________________________________________ >> nginx-devel mailing list >> [email protected] >> http://mailman.nginx.org/mailman/listinfo/nginx-devel > > _______________________________________________ > nginx-devel mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
