Secure tileserver-gl using ssl in centOS

607 views Asked by At

I have sudo docker run -d --restart unless-stopped -it -v $(pwd):/data -p 81:80 maptiler/tileserver-gl running. I can access http://mypage.com:81 just fine. However, I wanted to access https://mypage.com:81. I have a valid certificate but it is failing to use https protocal. Below is my nginx.conf file.

server {
        listen 80;
        listen [::]:80 default_server;
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  mypage.com;
        root         /usr/share/nginx/html;

        ssl_certificate "/etc/pki/nginx/certs/mypage.com.crt";
        ssl_certificate_key "/etc/pki/nginx/certs/mypage.com.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers PROFILE=SYSTEM;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
                proxy_pass http://localhost:80;
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $http_host;

        }

1

There are 1 answers

0
lewis machilika On BEST ANSWER

The solution here is

server {
        listen 81 ssl;
        listen [::]:81 ssl;
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  mypage.com;
        root         /usr/share/nginx/html;

        ssl_certificate "/etc/pki/nginx/certs/mypage.com.crt";
        ssl_certificate_key "/etc/pki/nginx/certs/mypage.com.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers PROFILE=SYSTEM;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
                proxy_pass http://localhost:80;
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header Host $http_host;

        }

observe the ssl on port 80.