Configure Nginx as Reverse Proxy for ScreenConnect to Enable Lets Encrypt



  • Here is a basic, working Nginx conf to use with ScreenConnect.

    server {
      listen 443 ssl default_server;
      server_name my.site.com;
      server_tokens off;
      ssl          on;
        ssl_certificate /etc/letsencrypt/live/my.site.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/my.site.com/privkey.pem; # managed by Certbot
    
        location / {
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_set_header X-NginX-Proxy true;
          proxy_pass http://127.0.0.1:8040;
          proxy_redirect off;
      }
    }
    

    This configuration assumes that ScreenConnect is running on the same server as Nginx. If it is not, change 127.0.0.1 to point to the IP address of the SC server, instead.



  • @scottalanmiller said in Configure Nginx as Reverse Proxy for ScreenConnect to Enable Lets Encrypt:

    Here is a basic, working Nginx conf to use with ScreenConnect.

    server {
      listen 443 ssl default_server;
      server_name my.site.com;
      server_tokens off;
      ssl          on;
        ssl_certificate /etc/letsencrypt/live/my.site.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/my.site.com/privkey.pem; # managed by Certbot
    
        location / {
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_set_header X-NginX-Proxy true;
          proxy_pass http://127.0.0.1:8040;
          proxy_redirect off;
      }
    }
    

    This configuration assumes that ScreenConnect is running on the same server as Nginx. If it is not, change 127.0.0.1 to point to the IP address of the SC server, instead.

    Less to that than I thought there would be.



  • @wrx7m when you use domain roots in nginx it makes things a lot easier than if you go for a URL path.



  • @wrx7m said in Configure Nginx as Reverse Proxy for ScreenConnect to Enable Lets Encrypt:

    Less to that than I thought there would be.

    It's surprisingly simple and basic. It's really just passing one port to another, and using SSL. About the most basic setup you can have.