Configure Reverse Proxy Using Nginx
The following is an example on how to set up a reverse proxy using nginx
for DLS for your reference. You can do the configuration yourself as long as you can achieve the requirement which is to redirect requests sent to “https://www.yoursite.com/dls/*” to “https://127.0.0.1:48080/*”.
Install nginx
On CentOs
- Install
rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
yum install nginx
- Start
systemctl start nginx.server
- Configure the web server to start with the OS
systemctl enable nginx.server
On Ubuntu
sudo apt install nginx-full
sudo systemctl start nginx
sudo systemctl enable nginx
Test nginx
Open “http://localhost” in a browser. If nginx
was installed and started successfully, you should see a message like
······ Welcome to nginx! ······
Configure nginx
Open the configuration file
The file could either be /etc/nginx/conf.d/default.conf
or /etc/nginx/sites-enabled/default
.
Add your server name
server_name www.yoursite.com;
Add reverse proxy
location /dls/ {
proxy_pass http://127.0.0.1:48080/;
}
Restart the server
sudo systemctl restart nginx
At this point, you can access the server with the URL “http://www.yoursite.com/dls/page/index.html#/”.
Configure SSL
For security, we should access the Dynamsoft License Server via HTTPS.
Self-signed Certificate
For demoing and testing purposes, we can try the self-signed certificate when configuring nginx
by uncommenting the 3 lines as shown below.
server {
...
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
include snippets/snakeoil.conf;
...
}
If your system doesn’t have the self-signed certificate. You can install it like this
sudo apt-get install ssl-cert
sudo make-ssl-cert generage-default-snakeoil
Your client needs to be configured to trust that self-signed certificate. For example, if you are running a web application, you can open the page “https://www.yoursite.com/dls/page/index.html#/” in the browser and do the following
- Page shows warning about the self-signed certificate
- Click
Advanced
- Click
Proceed to xxxx (unsafe)
.
Then this self-signed certificate will be trusted temporarily for some time.
NOTE that you should avoid using self-signed certificates in your production server.
Trusted Certificate
You can get a trusted certificate from many suppliers.
e.g. You can get a free one from certbot.
Check the https page
After you have configured a secure port, you can then access the server by “https://www.yoursite.com/dls/page/index.html#/”.
Configure Dynamsoft License Server
With the above steps, the Dynamsoft License Server will be listening on requests sent to this URL “https://www.yoursite.com/dls/”. We recommend that you set up another Dynamsoft License Server on another machine as the standby server(read more on configure the DLS as the standby). Assume the standby URL is “https://standby.yoursite.com/dls/”, the following shows how to configure the server to be used (we take the JavaScript edition of Dynamsoft Barcode Reader as an example). Read more information here.
Dynamsoft.DBR.BarcodeReader.licenseServer = ["https://www.yoursite.com/dls/", "https://standby.yoursite.com/dls/"];