Nginx proxy to nodejs / SSL

[lpark]

I'm trying to use self-signed certs for my web-application based on vue/node.js.
And added two conf files for nginx to handle vue and node. The Vue part works if I disable the Nginx node conf file. I just add it for completion. I guess the problem is within the proxy to node (or self-signed certs?).

 

VUE:

    server {
         listen      80;
         listen      [::]:80;
         server_name inf-education-67.umwelt-campus.de;
         return 301  https://$server_name$request_uri;
    }
    server {
         listen       443 ssl http2;
         listen       [::]:443 ssl http2;
         server_name  inf-education-67.umwelt-campus.de;
 
         # point to ssl certificate path
         include snippets/self-signed.conf;
         include snippets/ssl-params.conf;
    
         location / {
             # point to dist folder inside vue source code folder
             root /var/www/client/pvapp-client/dist;
             autoindex on;
             autoindex_exact_size off;
             index index.html index.htm;
             try_files $uri $uri/ /index.html;
        }
    }  

 
NODE:

server {
     listen       80;
     listen       [::]:80;
     server_name  MY_IP;
     return 301   https://$server_name$request_uri;
}

server {
     listen       443 ssl;
     listen       [::]:443 ssl http2;
     server_name  MY_IP;

     # point to ssl certificate path
     include snippets/self-signed.conf;
     include snippets/ssl-params.conf;

     root /var/www/server/pvapp-server;

     location / {
          proxy_http_version 1.1;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header Host $host;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass http://MY_IP:60702;
          proxy_ssl_verify off;
     }
}

 

The Nginx logs are:
Error.log

(This one is common with self-signed certs tho)
2021/02/23 07:30:07 [warn] 233791#233791: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/nginx/selfSignedCerts/example.crt"`

 

2021/02/24 07:26:48 [error] 233793#233793: *17 connect() failed (111: Connection refused) while connecting to upstream, client: IP, server: IP, request: "GET / HTTP/2.0", upstream: "http://MyIP:60702/", host>

Access.log

MYIP - - [23/Feb/2021:07:31:02 +0000] "GET / HTTP/2.0" 404 128 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"

 

[MG2R]

Well, the error is telling you nginx can’t connect to the backend service. Have you verified that you can reach MY_IP:60702 from the nginx node on the command line? A simple curl should do. 
 

edit: I’m guessing the issue comes from directly trying to connect to the backend IP, instead of using a hostname. The vue configuration specifies a server_name, which means that config wouldn’t be used to serve requests if you’re connecting via hostname 

[lpark]

@MG2R I don't have a hostname for the backend tho. That's why I directly use the IP. 

 

I did a curl to myIP:60702 and I got the "cannot get". So how would I reach my node app then?

[MG2R]

What’s the full error? Can you ping the backend server?

 

If you can ping it but not reach vue through nginx, I’m guessing it’s because vue-nginx conf states this:

 

server_name  inf-education-47.umwelt-campus.de;

which means you need to contact it and set the host header. With curl I think you can verify that with --host

[lpark]

@MG2R I think I identified the problem. It's the server_name in the nginx node conf file. I need to add a second server name to my vServer. The one I specified in /etc/hosts is in use at the nginx vue config. But how would I specify a second server name?