Setup SSL TerminationΒΆ

SpectX Server installations in an enterprise environment allowing users to connect remotely must be secured using SSL/TLS to make sure that no sensitive data is sent over the wire in plain text. This can be implemented using NGINX or Apache as a reverse proxy in front of SpectX Server.


You need to make sure that:

  • The SpectX Server WebUI service is exposed only to reverse proxy and is not accessible for end-users.
  • The TLS certificates of the server must be valid and trusted by end-users.

Example. Configuring NGINX TLS terminating reverse proxy for SpectX Server instance exposed on localhost port 8838. The hostname for the setup is The TLS certificate and respective private key files are placed in the /etc/ssl directory.

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        return 301 https://$host$request_uri;
server {

        # SSL configuration

        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;


        ssl_certificate    /etc/ssl/;
        ssl_certificate_key /etc/ssl/;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
        # ...