Where exactly do you need to put certificates in nginx reverse

P

Pavel2021-10-04 11:53:44

Nginx

Pavel, 2021-10-04 11:53:44

Where exactly do you need to put certificates in nginx reverse_proxy?

a little confused in theory, who will help put everything on the shelves?
I have an nginx server, there are a dozen more servers in LAN with it, I'm going to proxy them to the Internet
using nextcloud as an example, I redirect port 80 and 443 to nginx through a router, on which I do

server {
        listen 80;
        listen [::]:80;

        access_log /var/log/nginx/reverse-access.log;
        error_log /var/log/nginx/reverse-error.log;

        location / {
                    proxy_pass http://ip сервера nextcloud/;
  }
}

now I need to install the SSL certificate, should it be put on the nginx server or on the nextcloud server? Or maybe both?

UPD.
but 80 and 443 are required for many servers, I'll just specify server_name , without a specific port?
And the let's encrypt documentation says what is needed to issue a certificate so that the server is available on port 80,
what to do?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Dmitriev, 2021-10-04
@mrusklon

On what "sticks out" from the outside and where the DNS record looks.
That is, on nginx reverse proxy.
You can generally drive traffic between nextcloud and nginx via http if they are in a trusted network and the requirements will be missed.