Author Topic: Apache & Nginx Reverse Proxy, wanting to Install Letsencrypt  (Read 10212 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Apache & Nginx Reverse Proxy, wanting to Install Letsencrypt
« on: December 13, 2016, 10:50:14 AM »
Hi,

I am running Centos Webpanel, with the Apache & Nginx Reverse Proxy (Nginx on port 80 and apache on port 8181) option enabled in Apache settings > Select Web Servers.

I want to install Lets Encrypt.
Does the Letsencrypt Manager work with Apache & Nginx Reverse Proxy, or do I need to switch to Apache only first?

I've read the guide at http://wiki.centos-webpanel.com/letsencrypt-free-ssl-on-cwp, and looked on the forum but I can't find out if I can use the Letsencrypt Manager with this configuration.

Kind regards

Offline
*
Re: Apache & Nginx Reverse Proxy, wanting to Install Letsencrypt
« Reply #1 on: February 13, 2017, 04:13:02 PM »
I've had no issues using Lets Encrypt using this configuration. I've got 5 domains behind a LetsEncrypt SSL on my configuration all with valid certificates.

Offline
*
Re: Apache & Nginx Reverse Proxy, wanting to Install Letsencrypt
« Reply #2 on: February 20, 2017, 06:41:02 PM »
@alex,

After install Nginx, CWP will set Nginx to listen to port 80 and forward to 8181, listened by Apache there.  By default the installation of Letsencrypt will get Apache also listen to port 443.  Therefore one would need to change Apache conf and Nginx conf, in order to make Nginx forward https connection on port 443 to Apache.

I am happy your website will run under https and Nginx. Does your conf survived after Letsencrypt daily certificate renewal?  Is your https header responded by Apache or Nginx? (or maybe even Mod Security?) Can you share how to do it? Thanks alot!
Quote
pp :> curl -X HEAD -i http://www.my.domain
HTTP/1.1 200 OK
Server: nginx/1.10.3
.....

pp :> curl -X HEAD -i https://www.my.domain
HTTP/1.1 200 OK
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
...
« Last Edit: February 20, 2017, 07:00:48 PM by xjlin0 »