Redirect your connections from a non secured connection to a secured connection, that is the HTTP → HTTPS
You will need to forward your connections from HTTP to HTTPS, this means that when someone reaches http://yourdomain.com (by default this means using the port 80) they are redirected to https://yourdomain.com (which would be the same as typing http://yourdomain.com:443). This step can be achieved with a rewrite rule on your nginx (there are other ways, but let’s leave it there as it is the default and recommended).
For the second thing you need to have a valid SSL certificate, you can either buy one or use the free service by LetsEncrypt. For any of these you will need to have a valid domain name that is the one you will be using (here you are talking the whole time about domain.com so I assume you already have this). Then the last thing will be telling nginx to act as a reverse proxy, so it forwards the connections to the tomcat server, this is achieved via the proxy_pass.
I hope this helps. You can also check the official documentation where these steps are pretty well explained: Home - DHIS2 Documentation
Dear Jaime,
Yes I can see the certificate on web browser. Its working fine on browser. And I also put the url correctly to the android app.
I can access with the port no like “http://domain.com:8080/” but if i use “https://domain.com” then it gives me this error.
Yes https://domain.com works only in browser, android showing that error.
http://domain.com:8080 towards https://domain.com redirection not happening
For this I have used the following lines:
server {
listen 80;
rewrite ^ https://domain.com$request_uri? permanent;
}
Yeah thanks…
I have added this two lines:
Connector address=“3.101.101.106” protocol=“HTTP/1.1”
Connector scheme=“https” proxyPort=“443”
Any other thing that I miss?
Uhmmmm, I am just reviewing the whole thread. I think I missed something, sorry… can you paste your current nginx.conf??
Because I think that your redirection (proxy_pass) should point to http://localhost:8080 which is your tomcat server address. Note that is localhost and not the URL.