Java+nginx getting around self-signed certs
I encountered a Nexus server over HTTPS that had a self-signed certificate and the certificate wasn't even for the specified public name. I got around it with the following nginx reverse proxy configuration:
server {
listen 80;
server_name _;
location / {
proxy_pass https://nexus.somedomain.com;
proxy_set_header Host nexus.somedomain.com;
proxy_redirect https://nexus.somedomain.com/ http://$host:$server_port/;
proxy_pass_header WWW-Authenticate;
}
}
I then installed Sonatype Nexus and pointed to the remote repositories using http://localhost/...
and specifying the digest authentication parameters. Problem solved and the entire dev team won't have to add the self signed certificate as a trusted root in their $JAVA_HOME
.
Written by Charles Feduke
Related protips
Have a fresh tip? Share with Coderwall community!
Post
Post a tip
Best
#Nginx
Authors
reiaguilera
279.6K
jamesdullaghan
90.19K
Sponsored by #native_company# — Learn More
#native_title#
#native_desc#