Thank you Martijn and Brian,

We have found that the following configuration makes PDF portal working properly:
server {
        listen 443;
        server_name pdf.example.com;

        ssl on;
        ssl_certificate /etc/nginx/ssl/example.com/wildcard.example.com.pem;
        ssl_certificate_key /etc/nginx/ssl/tatratech.ch/wildcard.example.com.key;

        access_log /var/log/nginx/pdf.example.com.access.log;
        error_log /var/log/nginx/pdf.example.com.error.log;

        location / {
                proxy_pass         https://192.168.0.1:8443/;
                proxy_set_header Host $host;
                error_page 301 302 307 = @handle_redirect;
        }
}
So we're using a separate NGinx configuration for PDF now.

I will take a look at the developer console for CSS case and consider using HAProxy.
Thank you!

- Dima

On Fri, Oct 1, 2021 at 12:31 PM Martijn Brinkers <martijn@ciphermail.com> wrote:
On Thu, 2021-09-23 at 18:44 +0300, Dima Kovalyov via Users wrote:
> Hello Ciphermail,
>
> We've put the encryption gateway behind nginx proxy (full
> configuration attached). Sample:
> >         location / {
> >                 proxy_pass         https://192.168.0.1:8443/;
> >                 proxy_http_version 1.1;
> >                 proxy_set_header Upgrade $http_upgrade;
> >                 proxy_set_header Connection 'upgrade';
> >                 proxy_set_header Host $host;
> >                 proxy_cache_bypass $http_upgrade;
> >                 proxy_intercept_errors on;
> >                 proxy_set_header X-Real-IP $remote_addr;
> >                 proxy_set_header X-Forwarded-For $remote_addr;
>
> However when a new user accesses PDF Portal they are presented with a
> Login page instead of "Create new password" page for the user.
>
> Also, inside the portal, some of the features like accessing system
> logs return a page with no style (screenshot attached).
>
> Can you please advise what nginx configuration we can try to make
> Ciphermail work behind it?

I do not have any experience running tomcat behind nginx. I know it
works with Apache HTTPd.

I suggest to use the developer tool from you browser to check what the
server response is when it tries to load the css file.

Kind regards,

Martijn

--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger