Skip to main content
Question

JSS behind Nginx reverse proxy


Forum|alt.badge.img+1

We have a Nginx reverse proxy with ssl offloading configured on a seperate host then the jss server with the following configuration:

server {
        listen                  443 ssl;
        server_name             [domain];

        access_log              /var/log/nginx/[domain]/access.log;
        error_log               /var/log/nginx/[domain]/error.log;

        ssl_certificate         /etc/ssl/[domain]/fullchain.pem;
        ssl_certificate_key     /etc/ssl/[domain]/privkey.pem;

        add_header X-Frame-Options "SAMEORIGIN";
        client_max_body_size    128M;

        location / {
                allow [trusted ip];
                deny all;

                proxy_set_header        Host $host;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto $scheme;

                proxy_pass              http://10.30.11.131:8080;
                proxy_connect_timeout       600;
                proxy_send_timeout          600;
                proxy_read_timeout          600;
                send_timeout                600;
                proxy_redirect          http://10.30.11.131:8080 https://[domain];
        }
}

we can connect to the jss server with our browser, login and configure. However when we are trying to connect with the casper admin on mac osx we get a "Connection error while connecting to. .." The traffic seems to stop at the nginx server. The strange part is, starting "Recon" it will connect to the server.. Anybody familiar with this issue ??

2 replies

davidacland
Forum|alt.badge.img+18
  • Valued Contributor
  • 1811 replies
  • April 4, 2016

We've had similar symptoms before but as we're an MSP, it's normally out of our control to edit the proxy config. It's not that often that we're using Casper Admin these days though. We either use JDSes and upload content via the web interface, or drop the packages directly into the file share DP and create the package in the web interface.

When we have a lot of packages to add to a file share DP, we use a script to loop through all packages and create them all in the JSS using the API.

Ignoring the issue really but hopefully one of these options will keep you up and running while you're looking at the problem.


Forum|alt.badge.img+10
  • Contributor
  • 52 replies
  • August 24, 2016

@davidacland would you be willing to share that script ?


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings