ПРОЕКТЫ 


  АРХИВ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 


  СТАТЬИ 


  ПЕРСОНАЛЬНОЕ 


  ПРОГРАММЫ 



ПИШИТЕ
ПИСЬМА












     АРХИВ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SSL + Squrellmail


  • To: nginx-ru@xxxxxxxxx
  • Subject: SSL + Squrellmail
  • From: "Alexey Kovyrin" <alexey@xxxxxxxxxxx>
  • Date: Thu, 16 Nov 2006 15:20:47 -0500
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=IEBlsBCYK8QKX7+sfKnUeLAI15fLCkXl3XwhjKjcUuwR16F++NgvuvMk1hi7+tt8ksIL0VuzERnAiRPL+PIOvblv4mLndFk/5Q/9V0kZxMBAXha+EEzNnszzB4mSIZVouGzR4AEm8Ch5JifBRgz2VcIfnpDOp+I0DDXImX6YmH4=

Вот, в коментах на блоге человек задал вопрос, но я никогда толком не
копался с nginx+ssl, потому даже не знаю, что посоветовать ему...
Может комьюнити поможет?

Его пост - ниже:

Made a partial jump last night?

Fired up nginx running an ssl connection and reverse proxying it to Apache.

All seemed to work okay. Fired up Squirrelmail and was able to read
messages just fine. I did notice a problem when I tried to send
message. After I hit "send" in Squirrelmail, the page wouldn't refresh
to the message list, but stayed in the message edit page. The message
DID get sent (I checked) but Squirrel wouldn't leave the compose
message page.

I checked the error logs for nginx and saw this message:

SSL_do_handshake() failed (SSL: error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 aler
t bad certificate) while reading client request line, client:
xxx.xxx.xxx.xxx, server: www.myserver.com

Here's the server config:

server {
listen 443;
root /usr/local/apache/htdocs;
server_name www.myserver.com;
ssl on;
ssl_certificate /usr/local/apache/conf/server.pem;
ssl_certificate_key /usr/local/apache/conf/server.key;

ssl_session_timeout 5m;

location / {
root shtml;
index index.shtml index.html;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 10m;
client_body_buffer_size 128k;

proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;

proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}

--
/Scoundrel



 




Copyright © Lexa Software, 1996-2009.