Hi @Gassim,
thanks for your answer.
I caught this in the developers tools :
those calls in red, are failing because they’re going to localhost:8080 instead of the actual domain.
This is how my nginx.conf looks like:
server {
listen 10443 ssl;
server_name dhis-redacted-url;
client_max_body_size 10M;
ssl_certificate /etc/certs/final.net.chained.crt;
ssl_certificate_key /etc/certs/wildcard.final.net.key;
ssl_dhparam /etc/nginx/dhparam2048.pem;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security 'max-age=31536000';
add_header Cache-Control no-cache;
# Proxy pass to servlet container
location / {
proxy_pass http://localhost:8080/;
# proxy_redirect off;
# proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_buffer_size 128k;
proxy_buffers 8 128k;
proxy_busy_buffers_size 256k;
proxy_cookie_path ~*^/(.*) "/$1; SameSite=Lax";
}
}
and my Tomcat server.xml Connector part:
<Connector scheme="https" proxyPort="7443" />
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
relaxedQueryChars="[]" />
(For reference, I needed to setup DHIS on another port than 80/443, I had started a thread here : Make DHIS2 listen to another port than 80/443 with a reverse proxy on Nginx)
Thank you!