I have a configuration in AWS EC2 for HTTPS incoming connections. As I am a newbie to this stuff, I have nginx config which in an old-fashioned way I would edit like this: https://nginx.org/en/docs/http/configuring_https_servers.html.
Though, in AWS EC2 I can add certificates to it and then redirect both 443 and 80 ports connections to, say, port 8000 where my nginx runs as a reverse proxy.
Does nginx still have to have these certificates files locally and their paths added to the config or should traffic be decoded by ELB and sent to nginx decoded?
As mentioned before, certificate should be set up on ALB side.
This configuration of Nginx as reverse proxy behind AWS ALB works for me:
server {
listen 80;
listen 443;
server_name server_name;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-HTTPS on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
}