Securing HTTP Traffic to Upstream Servers using NGINX
How do you secure your backend using HTTPS? I will create a Swagger Node Project to show you how.
swagger project create upstream
cd upstream/
swagger project start
Swagger Module for Node will create an endpoint that looks like this( By default the Swagger Document is available on http://localhost:10010/swagger
).
Now let’s configure the NGINX to send the traffic to my upstream server.
Find your NGINX configuration file. On my Mac it was in /usr/local/etc/nginx/
directory.
sudo nano /usr/local/etc/nginx/nginx.conf
Add this configuration to that.
# HTTPS server
#
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/etc/nginx/ssl/tls.crt;
ssl_certificate_key /usr/local/etc/nginx/ssl/tls.key;
location / {
proxy_pass http://127.0.0.1:10010;
}
}
Now stop NGINX and then start it.
sudo nginx -s stop
sudo nginx
Or simply restart it.
sudo nginx -s reload
You are all set. Hit the endpoint using the browser( I am using a Self Signed Certificate. Therefore the browser will show an invalid cert message.).
Don’t forget to disable HTTP or to enforce HTTP redirection to HTTPS in your Production Environments.
Icon made by Freepik from www.flaticon.com