SSL pass-through in reverse nginx proxy?

Question

SSL pass-through in reverse nginx proxy?

Is it possible to use the Nginx reverse proxy with SSL Pass-through so that it can send a request to a server that requires certificate authentication for the client.

This means that the server will need to have a client server certificate and will not need a Nginx reverse proxy certificate.

+7

nginx

Samit jain Jul 14 '16 at 10:30

source share

1 answer

Fx · Answer 1 · 2016-09-26T11:25:51+0000

I'm not sure how much it can work in your situation, but newer versions (1.9.3+) of Nginx can send (encrypted) TLS packets directly to the upstream server using stream block :

 stream { server { listen 443; proxy_pass backend.example.com:443; } }

Note that he cannot use the server_name directive, for example (since he essentially works at the TCP level and knows nothing about TLS) and, therefore, cannot create virtual hosts.

SSL pass-through in reverse nginx proxy?

More articles: