The original post: /r/nginx by /u/SDR3078 on 2024-09-24 15:38:27.

Hi all,

I have been breaking my head over this since yesterday, after following tutorials on hooking up NGINX and Cloudflare for extra security. I am trying to configure the Cloudflare Origin CA certificates, but I always get an error when enabling TLS verification. My encryption mode is set to ‘Full (strict)’, and the certificate covers *.mydomain.suf and mydomain.suf. My NGINX config looks like this:

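server {
    # HTTPS virtual host: terminates TLS on 443 (IPv4 and IPv6) and proxies
    # every request to the backend named in proxy_pass.
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name subdomain.domain.suf;

    # SSL certificates
    # With Cloudflare's "Full (strict)" mode the edge validates this certificate,
    # so it has to cover the name in server_name. A *.domain.suf wildcard matches
    # exactly one label below domain.suf, not deeper names.
    ssl_certificate /etc/ssl/certs/domain.suf.pem;    # Path to your SSL certificate
    # Keep the key file readable only by the account that starts nginx.
    ssl_certificate_key /etc/ssl/private/domain.suf.key; # Path to your SSL private key

    # State the accepted protocol versions explicitly instead of relying on the
    # build's default, which on older nginx releases still includes TLS 1.0/1.1.
    ssl_protocols TLSv1.2 TLSv1.3;

    # Proxy settings to forward traffic to local server (e.g., localhost:5000)
    location / {
        proxy_pass http://ip:port;  # Forward traffic to local server running on port 5000

        # nginx talks HTTP/1.0 to upstreams by default; the Upgrade handshake
        # used by WebSocket only works over HTTP/1.1.
        proxy_http_version 1.1;

        proxy_set_header Host $host;
        # $remote_addr is the TCP peer. When requests arrive through Cloudflare
        # that is an edge address, not the visitor, unless the realip module
        # (set_real_ip_from for Cloudflare's published ranges plus
        # real_ip_header CF-Connecting-IP) is configured.
        proxy_set_header X-Real-IP $remote_addr;
        # Appends $remote_addr to whatever X-Forwarded-For the client sent, so the
        # backend should trust only the entries added by proxies it controls.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # WebSocket support (if applicable)
        # "upgrade" is sent on every proxied request here; making it conditional
        # needs a map on $http_upgrade in the http context, outside this block.
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}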

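# Redirect HTTP traffic to HTTPS
server {
    # Listen on IPv4 and IPv6 so the redirect is reachable on the same address
    # families as the HTTPS server, which listens on [::]:443 as well.
    listen 80;
    listen [::]:80;
    server_name *.domain.suf domain.suf;

    # $host comes from the request. If this is the only server on port 80 it is
    # also the default server, so a request carrying any other Host header lands
    # here and is redirected to that host; a separate default_server block that
    # rejects unknown names keeps the redirect limited to the names above.
    location / {
        return 301 https://$host$request_uri;  # Redirect all HTTP requests to HTTPS
    }
}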