NGinx+self-sign cert breaks vcenter import?

I tried searching for this but couldn’t find an answer. I am new to OpenNebula and set up v4.14.2 for a POC to front our vCenter infrastructure. I set up NGinx with a self-signed cert to add an SSL layer and able to log on, etc. However, when I try to import our test vCenter host it says I need to provide a vCenter Hostname, User, and Password, which I did. However, I can import fine from the command line, so I’m thinking this is an issue using NGinx and/or using a self-signed cert. Is there any way to get this to work? Since it’s a POC I don’t want to go through the hassle of getting a real cert at the moment. Thanks.

Does it work without SSL enabled? If it still doesn’t work without SSL the problem may be this one:

http://dev.opennebula.org/issues/4286

Thanks Javi. Yes, I was able to import fine before implementing SSL. I’ll look at the link you provided to see if maybe there is something funny going on with the way I set up SSL.

BTW, here is the NGinx conf file for the opennebula server:

server {
    listen       80 default_server;
    server_name  _;
    return       301 https://$host$request_uri;
}
server {
    listen 443;
    server_name  _;
    ssl on;
    ssl_certificate /etc/nginx/server.crt;
    ssl_certificate_key /etc/nginx/server.key;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
        proxy_pass http://127.0.0.1:9869;
    }
    error_page 404 /404.html;
        location = /40x.html {
    }
    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
    location /nginx_status {
        # Turn on nginx stats
        stub_status on;
        # I do not need logs for stats
        access_log   off;
        # Security: Only allow access from localhost IP #
        allow 127.0.0.1;
        # Send rest of the world to /dev/null #
        deny all;
    }
}

The only other thing I did was set up VNC to use SSL in /etc/one/sunstone-server.conf, but I don’t think that has anything to do with this particular issue (BTW, VNC works with this turned on):

:vnc_proxy_port: 29876
:vnc_proxy_support_wss: only
:vnc_proxy_cert: /etc/nginx/server.crt
:vnc_proxy_key: /etc/nginx/server.key
:vnc_proxy_ipv6: false

Ok, I managed to get it working now. I had to tweak the NGinx server block a little more. Added the following to what was already in the block:

server {
    ....
    underscores_in_headers on;

    location / {
        ....
        proxy_pass_request_headers on;
    }
}