Enabling HTTPS via Nginx Reverse Proxy Without Modifying Backend Applications

Preface

Both Google and Apple have been actively promoting the adoption of HTTPS to replace the older HTTP protocol, and even major adult websites in the United States have recently upgraded to HTTPS, underscoring the importance of a more secure web environment for developers.

Upgrading an existing backend service from HTTP to HTTPS can be cumbersome, especially for legacy applications. This guide presents an alternative approach that avoids modifying the original backend code by using Nginx as a reverse‑proxy server.

Nginx

Nginx is a powerful, widely‑used web server known for its simple configuration, high concurrency support, load balancing, and reverse‑proxy capabilities.

Example

The environment setup is omitted for brevity.

1. Prepare a simple HTTP server (e.g., a Node.js "hello world" application).

2. Generate HTTPS certificate files. For demonstration purposes a self‑signed certificate is created with OpenSSL, which is bundled with the Node.js environment, so no additional downloads are required.

The following steps produce mykey.pem and mycert.pem, which will be used later.

3. Configure Nginx as an HTTPS reverse proxy. The configuration file (shown in the image) specifies the original backend server address, the paths to the self‑signed certificate and key, and the proxy pass settings. Additionally, the local hosts file must be edited to map www.rife-nginx.com to 127.0.0.1 for local testing.

4. Test the setup. Start the HTTP server from step 1, apply the hosts file change, then launch Nginx using the command shown in the image.

Finally, open a browser and navigate to www.rife-nginx.com. The browser will warn that the certificate is not trusted (because it is self‑signed); after proceeding, the "hello world" page is displayed over HTTPS.

Conclusion

This tutorial demonstrates how to achieve HTTPS for an existing service by placing Nginx in front as a reverse proxy, offering a simple and effective solution; alternatively, a custom Node.js proxy could be built, but that is beyond the scope of this article.