Home/Cloud Services/On-Premises

CKBox On-Premises SSL communication

You can communicate with CKBox On-Premises using secure connections. To achieve this, you need to set up a load balancer like NGINX or HAProxy with your SSL certificate.

You can find the HAProxy and NGINX configuration examples below.

# `HAProxy` example

Here is a basic HAProxy configuration:

global
    daemon
    maxconn 256
    tune.ssl.default-dh-param 2048

defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http-in
    bind *:80
    bind *:443 ssl crt /etc/ssl/your_certificate.pem
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
    http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
    redirect scheme https if !{ ssl_fc }

    default_backend servers

backend servers
    server server1 127.0.0.1:8080 maxconn 32

# `NGINX` example

Here is a basic NGINX configuration:

events {
    worker_connections  1024;
}

http {
    server {
        server_name your.domain.name;

        listen 443;
        ssl on;
        ssl_certificate /etc/ssl/your_cert.crt;
        ssl_certificate_key /etc/ssl/your_cert_key.key;

        location / {
            proxy_pass http://127.0.0.1:8080;

            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_http_version 1.1;
        }
    }
}

CKBox On-Premises SSL communication

# HAProxy example

# NGINX example

# `HAProxy` example

# `NGINX` example