How do I setup nginx to add https to geth (Go Ethereum) for a private Blockchain?

Question

Goal: Private Blockchain

I have geth (Go Ethereum) setup on my server and its running well. Additionly I would like to connect wallet apps, which need a https connection.

To enable my linux server to offer https connections I installed nginx and want to setup a reverse proxy. Unfortunaly I can not get any wallet apps to connect.

This is my nginx configuration

server {

listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/XXXXX.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/XXXXX.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
server_name XXXXX.com;


location ^~ /rpc {
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";

  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Host $http_host;
  proxy_set_header X-NginX-Proxy true;

  proxy_pass    http://XXX.XXX.XXX.XXX:XXXX/;
  }
      }

This is a possible error: *6 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream, client: XXX.XXX.XXX.XXX, server: XXXX.com, request: "POST /rpc HTTP/1.1", upstream: "https://XXX.XXX.XXX.XXX:XXXX/", host: "XXXX.com"

Any ideas how to change the https connection configuration?

Answer 1

After a days of trail and error I found a solution to my problem. I simplified and reduced the location block:

location /rpc {
  proxy_redirect off;
  proxy_pass    http://XXX.XXX.XXX.XXX:XXXX/;
}