Unable to access the nexus after ssl enabled when we have enabled to redirecting url from http to https

Sonatype Nexus Repository
1

Hi Team,
We are using Nexus OSS 3.27.0-03 and enabled the SSL certificate.
As part of SSL, we have modified “nexus.properties” file to access vi http, https and also to redirect url from “http” to “https” as mentioned below.

cat nexus.properties

Jetty section

application-port=8081
application-port-ssl=8443

application-host=0.0.0.0

nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-https.xml,${jetty.etc}/jetty-http-redirect-to-https.xml,${jetty.etc}/jetty-requestlog.xml
ssl.etc=${karaf.data}/etc/ssl

nexus-context-path=/

Nexus section

nexus-edition=nexus-pro-edition

nexus-features=\

nexus-pro-feature

nexus.hazelcast.discovery.isEnabled=true

We can able to access uhttp or https and also redirectiing from http to https via IP address but same thing not happing when we try to do via DNS name.

First time when we try to access url via DNS name with the help of http://xxxxxx:8081, redirecting it to https://xxxxxx:8443 and when we try to accessing the same time 2nd time not working due to the caching.

image
image1178×549 18.4 KB

Please let me know if any thing need to do from /etc/hosts file or not.
Everytiem we can’t clear the cache.

2

I’m not sure your exact issue but some comments:

  • I’m surprised that your instance is running at all since you say OSS but your nexus.properties says PRO. It may be worth getting a fresh nexus.properties (such as downloading one and starting from the default OSS values) and starting over from that respect (but also for your future sanity).
  • 3.27 is over a year old, so would recommend upgrading as you may be hitting a bug that was fixed and then no-one will be able to help you except you :slight_smile:
  • Were I troubleshooting with the information you gave, I would remove the redirect from the equation. If HTTP and HTTPS are working fine with both DNS and IP without the redirect, then IMO it’s either hardware or your redirect configuration. If it’s those, then it’s super unlikely anyone will be able to help you troubleshoot without more information, e.g. the contents of that configuration file.

2 cents, good luck,
Joe

1 Like