antisaWiki

User Tools

Site Tools

Trace:
wiki:proxy_pass_nginx_connection_using_self_signed_certificates

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
wiki:proxy_pass_nginx_connection_using_self_signed_certificates [2022/07/20 13:21] – [See also] add nginx troubleshooting antisawiki:proxy_pass_nginx_connection_using_self_signed_certificates [2022/07/20 13:24] (current) – [Frontend server configuration] trusted_ca_cert file content explained antisa
Line 27: Line 27:
  
 </code> </code>
-If you followed the certificate creation howto from above, certificate name and key name should all be the same. The //trusted_ca_cert.crt// file should contain only the **server.crt** contents.+If you followed the certificate creation howto from above, certificate name and key name should all be the same. The //trusted_ca_cert.crt// file should contain the concatenated **server.crt** and **rootCA** contents.
  
 //proxy_ssl_name// should be exactly the same as the **CN** field in the server.crt. Otherwise, the nginx will look at the //proxy_pass// directly and take that hostname and try to compare it with info in the certificate. So if you created the server.crt with CN named "remote", the //proxy_ssl_name// and //proxy_ssl_server_name// are not needed. //proxy_ssl_name// should be exactly the same as the **CN** field in the server.crt. Otherwise, the nginx will look at the //proxy_pass// directly and take that hostname and try to compare it with info in the certificate. So if you created the server.crt with CN named "remote", the //proxy_ssl_name// and //proxy_ssl_server_name// are not needed.
wiki/proxy_pass_nginx_connection_using_self_signed_certificates.1658316119.txt.gz · Last modified: 2022/07/20 13:21 by antisa
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki