You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@nifi.apache.org by "Ben .T.George" <be...@gmail.com> on 2022/11/13 16:22:37 UTC
Nifi with Nginx(ssl) reverse proxy
Hello,
i have a nifi instance running fine on port 8443, i would like to configure
SSL and configureit to listen on 443,
i was trying to do that with nginx and somehow it is not working for me.
what i would like to achieve
User->https(port 443)->nifi(port 8443)
below are my conf details
# web properties #
#############################################
nifi.web.http.host=
nifi.web.http.port=
nifi.web.http.network.interface.default=
#############################################
nifi.web.https.host=
nifi.web.https.port=8443
nifi.web.https.network.interface.default=
nifi.web.jetty.working.directory=./work/jetty
nifi.web.jetty.threads=200
nifi.web.max.header.size=16 KB
nifi.web.proxy.context.path=
nifi.web.proxy.host=
nifi.web.max.content.size=
nifi.web.max.requests.per.second=30000
nifi.web.max.access.token.requests.per.second=25
nifi.web.request.timeout=60 secs
nifi.web.request.ip.whitelist=
nifi.web.should.send.server.version=true
nifi.web.request.log.format=%{client}a - %u %t "%r" %s %O "%{Referer}i"
"%{User-Agent}i"
Nginx:
server {
listen 443 ssl http2 default_server;
server_name sftplx.example.com;
ssl_certificate "/etc/pki/nginx/example.com.cer";
ssl_certificate_key "/etc/pki/nginx/privatekey.pem";
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location /nifi {
proxy_pass https://localhost:8443/nifi;
proxy_ssl_server_name on;
proxy_set_header Host sftplx.example.com ;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
Thanks & Regards,
Ben
Re: Nifi with Nginx(ssl) reverse proxy
Posted by Joe Witt <jo...@gmail.com>.
Thanks!
On Tue, Nov 15, 2022 at 10:06 AM Ben .T.George <be...@gmail.com>
wrote:
> Hello,
>
> I have achieved this with nginx - reverse proxy method.
>
> Regards,
> Ben
>
> On Sun, Nov 13, 2022 at 7:22 PM Ben .T.George <be...@gmail.com>
> wrote:
>
>> Hello,
>>
>> i have a nifi instance running fine on port 8443, i would like to
>> configure SSL and configureit to listen on 443,
>>
>> i was trying to do that with nginx and somehow it is not working for me.
>>
>> what i would like to achieve
>> User->https(port 443)->nifi(port 8443)
>>
>> below are my conf details
>> # web properties #
>> #############################################
>> nifi.web.http.host=
>> nifi.web.http.port=
>> nifi.web.http.network.interface.default=
>> #############################################
>> nifi.web.https.host=
>> nifi.web.https.port=8443
>> nifi.web.https.network.interface.default=
>> nifi.web.jetty.working.directory=./work/jetty
>> nifi.web.jetty.threads=200
>> nifi.web.max.header.size=16 KB
>> nifi.web.proxy.context.path=
>> nifi.web.proxy.host=
>> nifi.web.max.content.size=
>> nifi.web.max.requests.per.second=30000
>> nifi.web.max.access.token.requests.per.second=25
>> nifi.web.request.timeout=60 secs
>> nifi.web.request.ip.whitelist=
>> nifi.web.should.send.server.version=true
>> nifi.web.request.log.format=%{client}a - %u %t "%r" %s %O "%{Referer}i"
>> "%{User-Agent}i"
>>
>> Nginx:
>>
>> server {
>> listen 443 ssl http2 default_server;
>> server_name sftplx.example.com;
>>
>> ssl_certificate "/etc/pki/nginx/example.com.cer";
>> ssl_certificate_key "/etc/pki/nginx/privatekey.pem";
>> error_page 404 /404.html;
>> location = /40x.html {
>> }
>>
>> error_page 500 502 503 504 /50x.html;
>> location = /50x.html {
>> }
>>
>> location /nifi {
>> proxy_pass https://localhost:8443/nifi;
>> proxy_ssl_server_name on;
>> proxy_set_header Host sftplx.example.com ;
>> proxy_set_header X-Real-IP $remote_addr;
>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>> proxy_set_header X-Forwarded-Proto $scheme;
>>
>> }
>>
>>
>> Thanks & Regards,
>> Ben
>>
>
>
> --
> Yours Sincerely
> Ben.T.George
> Phone : +965 - 50629829 / 94100799
>
> *" Live like you will die tomorrow, learn like you will live forever "*
>
Re: Nifi with Nginx(ssl) reverse proxy
Posted by "Ben .T.George" <be...@gmail.com>.
Hello,
I have achieved this with nginx - reverse proxy method.
Regards,
Ben
On Sun, Nov 13, 2022 at 7:22 PM Ben .T.George <be...@gmail.com> wrote:
> Hello,
>
> i have a nifi instance running fine on port 8443, i would like to
> configure SSL and configureit to listen on 443,
>
> i was trying to do that with nginx and somehow it is not working for me.
>
> what i would like to achieve
> User->https(port 443)->nifi(port 8443)
>
> below are my conf details
> # web properties #
> #############################################
> nifi.web.http.host=
> nifi.web.http.port=
> nifi.web.http.network.interface.default=
> #############################################
> nifi.web.https.host=
> nifi.web.https.port=8443
> nifi.web.https.network.interface.default=
> nifi.web.jetty.working.directory=./work/jetty
> nifi.web.jetty.threads=200
> nifi.web.max.header.size=16 KB
> nifi.web.proxy.context.path=
> nifi.web.proxy.host=
> nifi.web.max.content.size=
> nifi.web.max.requests.per.second=30000
> nifi.web.max.access.token.requests.per.second=25
> nifi.web.request.timeout=60 secs
> nifi.web.request.ip.whitelist=
> nifi.web.should.send.server.version=true
> nifi.web.request.log.format=%{client}a - %u %t "%r" %s %O "%{Referer}i"
> "%{User-Agent}i"
>
> Nginx:
>
> server {
> listen 443 ssl http2 default_server;
> server_name sftplx.example.com;
>
> ssl_certificate "/etc/pki/nginx/example.com.cer";
> ssl_certificate_key "/etc/pki/nginx/privatekey.pem";
> error_page 404 /404.html;
> location = /40x.html {
> }
>
> error_page 500 502 503 504 /50x.html;
> location = /50x.html {
> }
>
> location /nifi {
> proxy_pass https://localhost:8443/nifi;
> proxy_ssl_server_name on;
> proxy_set_header Host sftplx.example.com ;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded-Proto $scheme;
>
> }
>
>
> Thanks & Regards,
> Ben
>
--
Yours Sincerely
Ben.T.George
Phone : +965 - 50629829 / 94100799
*" Live like you will die tomorrow, learn like you will live forever "*