Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW

How to setup QlikView with NGINX as a reverse proxy (configuration file example)

No ratings
cancel
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

How to setup QlikView with NGINX as a reverse proxy (configuration file example)

Last Update:

Jul 2, 2021 9:21:33 AM

Updated By:

Damien_Villaret

Created date:

Mar 8, 2019 8:20:13 AM

This article provides a configuration file example for NGINGX being used as a reverse proxy for QlikView.


! NOTE: NGINX is a high performance, highly scalable, highly available web server, reverse proxy server, and web accelerator, but is also a third-party tool not supported by Qlik. Configuration of NGINX in combination with Qlik products cannot be supported by Qlik Product Support.

The provided NGINX rules have been internally tested by Qlik and are confirmed to work in a standard out of the box environment. Further customization might be necessary in other environments. Implement with caution.

 

Environment:



Resolution:


The environment used in this example is a simple QlikView server installation on one server (server 2), and NGINX on another (server 1). 

Please find below the settings for the nginx.conf file:

 

HTTP:
 

events {
    worker_connections  1024;
}

http {

	##################################################
	######## Customize the Following Sections ########
	##################################################

    upstream qlikap {
        server name_of_server2:80;
		keepalive 64;
    }
	upstream qlikqmc {
        server name_of_server2:4780;
		keepalive 64;
    }
	##################################################

	server {
		listen 80 default_server;
		server_name _;
		
		proxy_pass_header Authorization;

		### Set headers ###
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		
		# X-Forwarded headers
		proxy_set_header X-Forwarded-Host $host;
		proxy_set_header X-Forwarded-Server $host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto http;
		
		# Proxy specific variables
		proxy_read_timeout 30m;
		proxy_send_timeout 30m;
		proxy_http_version 1.1;
		proxy_connect_timeout 5s;

		# Needed for NTLM authentication
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";

		#True if only server_name entered
 		location = / {
	       return 301 http://$host/qlikview/index.htm;
        }
		location ~* /qmc {
			#Disable the Log files as it gets very noisy
			access_log    off;
			log_not_found off;
			proxy_pass http://qlikqmc;
		}
		location ~* / {
			#Disable the Log files as it gets very noisy
			access_log    off;
			log_not_found off;
			proxy_pass http://qlikap;
		}
	
	}
}
 

 

HTTPS:

events {
    worker_connections  1024;
}

http {

	##################################################
	######## Customize the Following Sections ########
	##################################################
	
	ssl_certificate ./conf/QVServer.domain.local.pem;
	ssl_certificate_key ./conf/QVServer.domain.local.key;

	##################################################

    # Load balancing with sticky session enabled, minimum ONE backend server
	# If upstream server uses HTTPS toggle proxy_pass options on lines 88/89
    upstream qlikap {
        server name_of_server2:443;
		keepalive 64;
    }
	
	    upstream qlikqmc {
        server name_of_server2:4780;
		keepalive 64;
    }
	
	##################################################

	# Redirect all HTTP traffic to HTTPS
	server {
		listen 80 default_server;
		server_name _;
		return 301 https://$host$request_uri;
	}	

	server {
		listen 443 ssl ;
		listen [::]:443 ssl ;
		server_name name_of_server1;
		
		proxy_pass_header Authorization;
		### Set headers ###
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		
		# X-Forwarded headers
		proxy_set_header X-Forwarded-Host $host;
		proxy_set_header X-Forwarded-Server $host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto https;
		
		# Proxy specific variables
		proxy_read_timeout 30m;
		proxy_send_timeout 30m;
		proxy_http_version 1.1;
		proxy_connect_timeout 5s;

		# Needed for NTLM authentication
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		
		#True if only server_name entered
 		location = / {
	       return 301 https://$host:443/qlikview/index.htm;
        }

		location ~* / {
			#Disable the Log files as it gets very noisy
			access_log    off;
			log_not_found off;
			proxy_pass https://qlikap;
		}

		location ~* /qmc {
			#Disable the Log files as it gets very noisy
			access_log    off;
			log_not_found off;
			proxy_pass http://qlikqmc;
		}
	}
}

 

 

Labels (1)
Comments
vinicius_rosa
Partner - Contributor III
Partner - Contributor III

One important thing

Nginx community version does not support NTLM auth.

http://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm

"This directive is available as part of our commercial subscription."

Unless if you pay for nginx for works well we need in QMC the virtual proxy based on Form Authentication.

 

Version history
Last update:
‎2021-07-02 09:21 AM
Updated by: