On Sun, May 05, 2019 at 03:28:11PM -0500, Julian Brown wrote:
Hi there,
> The second domain is for a bugzilla host, bugzilla.conf:
>
> server {
> location / {
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $remote_addr;
> proxy_set_header Host bugzilla.example.com;
> proxy_pass https://INTERNAL_IP <https://internal_ip/>/;
> }
> }
>
> It does send the request to the correct machine, but I do not know if it is
> sending the correct hostname or not.
It should be sending the correct Host: header within the http request, but
it may not be sending that same hostname in the TLS SNI communications.
If your INTERNAL_IP web server expects SNI, things may go wrong there.
Have a look at http://nginx.org/r/proxy_ssl_server_name, and maybe turn
it on.
> Is proxy_set_header Host, the proper way to send it as "bugzilla.example.com"
> so that Apache sees it coming on that server name to activate the correct
> vhost?
Yes, unless you share https certs on the same IP:port; in which case
you need the extra config.
Good luck with it,
f
--
Francis Daly fran...@daoine.org
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
