[midPoint] Trying to Setup a Https Reverse Proxy

Davy Priem davy.priem at vives.be
Wed Sep 28 22:11:23 CEST 2022 

If you want the root of midpoint also forwarding you should change it like this:

location / {
    proxy_pass http://x.x.x.x:8080/<https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fx.x.x.x%3A8080%2Fmidpoint%2F&data=05%7C01%7Cdavy.priem%40vives.be%7C6508fa0c9b7f46a5792a08daa18cae75%7Cbb238cf566c946069852a9f3e1782d63%7C1%7C0%7C637999922859970970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=A%2BmQ%2BYBuYFbNH455GxI4P8T3SV%2B6SAh3YviEjPg4DVo%3D&reserved=0>;}

}


Davy Priem





Op 28 sep. 2022, om 22:04 heeft Luke Novak <lnovak at oaisd.org<mailto:lnovak at oaisd.org>> het volgende geschreven:

I am sorry I double pasted on the last email.

The old config looked like this:


location / {
    proxy_pass http://x.x.x.x:8080/midpoint/<https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fx.x.x.x%3A8080%2Fmidpoint%2F&data=05%7C01%7Cdavy.priem%40vives.be%7C6508fa0c9b7f46a5792a08daa18cae75%7Cbb238cf566c946069852a9f3e1782d63%7C1%7C0%7C637999922859970970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=A%2BmQ%2BYBuYFbNH455GxI4P8T3SV%2B6SAh3YviEjPg4DVo%3D&reserved=0>;}

}

Thanks,
Luke
________________________________
From: Davy Priem <davy.priem at vives.be<mailto:davy.priem at vives.be>>
Sent: Wednesday, September 28, 2022 3:56 PM
To: Luke Novak <lnovak at oaisd.org<mailto:lnovak at oaisd.org>>
Cc: midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Subject: Re: [midPoint] Trying to Setup a Https Reverse Proxy

Which location are you using?

You should have something like this:


location /midpoint/ {
    proxy_pass http://x.x.x.x:8080/midpoint/<https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fx.x.x.x%3A8080%2Fmidpoint%2F&data=05%7C01%7Cdavy.priem%40vives.be%7C6508fa0c9b7f46a5792a08daa18cae75%7Cbb238cf566c946069852a9f3e1782d63%7C1%7C0%7C637999922859970970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=A%2BmQ%2BYBuYFbNH455GxI4P8T3SV%2B6SAh3YviEjPg4DVo%3D&reserved=0>;

}



Davy Priem




Op 28 sep. 2022, om 21:48 heeft Luke Novak <lnovak at oaisd.org<mailto:lnovak at oaisd.org>> het volgende geschreven:

Below is what I have in the configuration file for nginx.  I tried adding the slash after midpoint after your email and now I am getting a too many redirects error.  So I am thinking I am not exactly understanding the nginx settings.

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://x.x.x.x:8080/midpoint/<https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fx.x.x.x%3A8080%2Fmidpoint%2F&data=05%7C01%7Cdavy.priem%40vives.be%7C6508fa0c9b7f46a5792a08daa18cae75%7Cbb238cf566c946069852a9f3e1782d63%7C1%7C0%7C637999922859970970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=A%2BmQ%2BYBuYFbNH455GxI4P8T3SV%2B6SAh3YviEjPg4DVo%3D&reserved=0>;
proxy_cookie_path /midpoint/ /;
#proxy_pass unix:/path/to/php7.3.sock # This is an example of how to define a unix socket.
proxy_read_timeout 90;

Let me know if there is a different section of the config file what would be more helpful.

Thanks,
Luke


________________________________
From: Davy Priem <davy.priem at vives.be<mailto:davy.priem at vives.be>>
Sent: Wednesday, September 28, 2022 3:29 PM
To: midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Cc: Luke Novak <lnovak at oaisd.org<mailto:lnovak at oaisd.org>>
Subject: Re: [midPoint] Trying to Setup a Https Reverse Proxy

Hi,

I think there’s an error in your nginx config. In the error message you can see nginx is sending the request to <midpointhostname>/midpointmidpoint and this should be <midpointhostname>/midpoint

Davy Priem




Op 28 sep. 2022, om 21:26 heeft Luke Novak via midPoint <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>> het volgende geschreven:

Hey All,

I am working on setting up a HTTPS Reverse proxy for Midpoint using NGINX running on Ubuntu.  I am getting the error in the picture. It looks like it is coming from Apache on our Linux Midpoint server.  Is there a setting change I need to make on our Midpoint server for this to work?

Any tips, suggestions, or help would be appreciated.

Thanks,
Luke

Lucas Novak
Systems Engineer
OAISD
<RP_Error.jpg>_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
https://lists.evolveum.com/mailman/listinfo/midpoint<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.evolveum.com%2Fmailman%2Flistinfo%2Fmidpoint&data=05%7C01%7Cdavy.priem%40vives.be%7C6508fa0c9b7f46a5792a08daa18cae75%7Cbb238cf566c946069852a9f3e1782d63%7C1%7C0%7C637999922859970970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2Bp1fdjPAY1JbQffmLYfKY9ydiPiI27VIgRAtmLql%2Fa0%3D&reserved=0>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20220928/c1d02f3d/attachment-0001.htm>

More information about the midPoint mailing list