On 2/8/2024 23:58:07, Frank Gingras wrote: . . .
There are some issues accessing from off premises, that is, when requests are entering via the internet facing router. Like 301 and 400 errors. Configuration is like this: Internet router-> server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app. The domain names are the same on each server. Currently believe they must be for certificate generation and use. The virtual host on apache is configured thusly: <VirtualHost *:80> ServerName www.my-domain.com <http://www.my-domain.com> ServerAlias www.my-domain.org <http://www.my-domain.org> my-domain.com <http://my-domain.com> my-domain.org <http://my-domain.org> ProxyPass "/" "http://www.my-domain.com/ <http://www.my-domain.com/>" ProxyPassReverse "/" "http://my-domain.com/ <http://my-domain.com/>" </VirtualHost> <VirtualHost *:443> # SSLEngine ON ServerName www.my-domain.com <http://www.my-domain.com> ServerAlias www.my-domain.org <http://www.my-domain.org> my-domain.com <http://my-domain.com> my-domain.org <http://my-domain.org> ProxyPass "/" "https://www.my-domain.com/ <https://www.my-domain.com/>" ProxyPassReverse "/" "https://www.my-domain.com/ <https://www.my-domain.com/>" </VirtualHost> On the apache server the hosts files is used to resolve the host names to the target server. Where have I gone wrong? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx <mailto:users-unsubscribe@xxxxxxxxxxxxxxxx> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx <mailto:users-help@xxxxxxxxxxxxxxxx> Why are you using nginx at all in this set up?
The application, a FOSS project, provided a docker image to ease setup for internet access, that includes the app, nginx and an "acme-companion" for certificate generation.
I can add that the certificate, via the app and Lets Encrypt, seems to have generated and installed properly, which suggests the basic forwarding worked.
Also, if I hack the local dns to resolve to the nginx box rather than the apache box (avoiding the forward) things work fine. Only when it resolves to the apache box, as would access via the internet router (which of course involves an IP forward) does the problem surface.
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx