Geoserver in tomcat behind NGINX Reverse Proxy and SSL

Assuming the Geoserver war file is running inside tomcat in port 7000 like: localhost:7000/geoserver

Also a valid SSL certificate has configured in NGINX.

First you need to change Tomcat port and add proxyPort in server.xml  :

 
sudo vim /etc/tomcat8/server.xml

 

Then search for “Connector port” and change the port number and also proxyPort to 443:

 

   

<Connector port="7000" protocol="HTTP/1.1"
           connectionTimeout="20000"
           proxyPort="443"
           scheme="https" secure="true"
/>

 

Then you need to restart tomcat :

sudo service tomcat8 restart

 

Then in Nginx add below reverse proxy inside server { } block:

 

   
location /geoserver {
                    proxy_pass http://localhost:7000/geoserver;
                    proxy_set_header X-Forwarded-Host $host;
                    proxy_set_header Host $http_host;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header X-Forwarded-Proto $scheme;
                    proxy_set_header X-Forwarded-Port 443;
                    proxy_redirect off;
              }>

Then you need to restart NGINX :

sudo service NGINX restart

 

Also you might need to add your domain name in GEOSERVER_CSRF_WHITELIST as below :

vim /var/lib/tomcat8/webapps/geoserver/WEB-INF/web.xml

   
/* add domain name */
<context-param>
  <param-name>GEOSERVER_CSRF_WHITELIST
  <param-value>Your-Domain-name.com </param-value>
</context-param>

 
Then you need to restart Tomcat :
 
sudo service tomcat8 restart

Leave a Reply

Your email address will not be published. Required fields are marked *