Nginx reverse proxy ssl: This page isn't redirecting properly

Geist

4/20/24, 12:53 AM

Okay, to start off with I'm new to all of this and still learning. I've got Nginx set up, and my standard reverse proxies work both inside of and outside my network. I've set up certbot and generated a wildcard SSL cert, I'm trying to get my proxies set up to use it. Now, they work ON my network, but outside of my network we get "Cannot open the page because too many redirects occured". Can anyone more knowledgeable take a look and hopefully fix whatever I broke?

Below is the configuration I'm attempting to use:

server {
   listen 80;
   server_name subdomain.mysite.org;
   return 301 https://subdomain.mysite.org$request_uri;
 }

server {
   listen 443 ssl;
   server_name subdomain.mysite.org;
   ssl_certificate  /etc/letsencrypt/live/mysite.org/fullchain.pem;
   ssl_certificate_key  /etc/letsencrypt/live/mysite.org/privkey.pem;
   ssl_prefer_server_ciphers on;

   location / {
        proxy_pass http://internalIP:port;

        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_headers_hash_max_size 512;
        proxy_headers_hash_bucket_size 128;
    }
}

184

1 + 4

ssl

nginx

reverse-proxy

Gerald Schneider

4/20/24, 4:20 AM

The redirect most probably come from your backend server, not nginx. Configure your backend properly.

Geist

4/21/24, 3:04 AM

I'll give that a shot. Would that explain the inconsistent behavior where it works without SSL?

Gerald Schneider

4/21/24, 4:40 AM

No idea, you are not giving enough information for a diagnosis

Geist

4/21/24, 7:22 PM

For instance: Web application running on server 2 (let's say 10.0.0.1). Port for web application is 8000. On server 1 (The Nginx server), this configuration works, inside my network, as well as coming in from outside the network: server { listen 80; server_name server2.org; } location / { proxy_pass http://10.0.0.1:8000; } } However the above (original post) SSL configuration only works when I'm inside my network, but generates too many redirects error externally, coming in from outside the network. Can you detail what else you need for diagnosis?

Score:2

Server

Geist

5/12/24, 2:29 PM

I'd finally found the answer. This was not an NGINX configuration issue. This was a Cloudflare issue, they default to "Flexible" ssl (between client and Cloudflare), and what we really want is "Full".

If registered with Cloudflare, please be aware of this.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Nginx reverse proxy ssl: This page isn't redirecting properly

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.