Using squid as reverse proxy for Nexus 3.x

[markus...@gmail.com]

I'm using squid as a reverse to terminate HTTPS. It's running fine for multiple other web applications behind it. I have installed Nexus on CentOS and I can acces it directly on port 8081. When I'm trying to connect via a public URL through the squid reverse proxy, I'm only seeing a start page telling me "Initializing ..." and the browser is indicating that it can't trust the site. The certificate is installed on the squid server is valid.

Any Idea?

[markus...@gmail.com]

just to add...

On the Browser I can select to trust the site and the standard start page is getting loaded. When I try to login, I'm getting the error message "Operating failed as server could not be contacted"

[Peter Lynch]

Nexus needs to know it is being accessed over TLS/SSL/HTTPS. The only way for it to learn that when being accessed by Squid over a plain HTTP connector is to check for a request header named X-forwarded-proto

I suspect you need to configure squid to add that request header before forwarding the request to Nexus.

http://www.squid-cache.org/Doc/config/request_header_add/

something like (untested)

request_header_add X-forwarded-proto https

--
You received this message because you are subscribed to the Google Groups "Nexus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nexus-users...@glists.sonatype.com.
To post to this group, send email to nexus...@glists.sonatype.com.
To view this discussion on the web visit https://groups.google.com/a/glists.sonatype.com/d/msgid/nexus-users/4fc8ca15-c474-404c-83c8-4186dde63be3%40glists.sonatype.com.
For more options, visit https://groups.google.com/a/glists.sonatype.com/d/optout.

[markus...@gmail.com]

Thank you, working now !!