NGINX Reverse Proxy & SSL Setup for Artifactory Pro

Information

Using an NGINX reverse proxy provides better security, scalable virtual hosts, HTTPS, and advanced routing for Artifactory Pro in both cloud and on-prem deployments.

Step 1. Install NGINX

sudo apt install nginx -y

Step 2. Create Proxy Config

Create /etc/nginx/sites-available/artifactory:

server {
    listen 80;
    server_name your.domain.com;
    location /artifactory/ {
        proxy_pass http://localhost:8081/artifactory/;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;
        client_max_body_size 2G;
        proxy_read_timeout 900;
    }
}

Link and reload:

sudo ln -s /etc/nginx/sites-available/artifactory /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

Step 3. SSL with Let's Encrypt (Certbot)

Info

Let's Encrypt SSL certificates are free and renew automatically!

sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d your.domain.com

SSL certificates will now be in place and traffic will auto-redirect from HTTP to HTTPS.
Certbot will auto-renew certificates.

Check

Always test your HTTPS setup and disable non-secure (HTTP) endpoints in production!