Nginx: direct ssl connection to another server

Question

Nginx: direct ssl connection to another server

I have a nginx master server defining the name of the incoming server where to send requests. For two secondary servers, this nginx master server also contains ssl certificates and keys. The third server has its own certificates and keys, because there is a frequent update process for them.

Now my question is how to configure the nginx master server to forward all requests to server 3 that come to this server. I cannot copy certificates and keys from server 3 to the main server, because they change too often.

+6

ssl https nginx forward

Jj Oct 21 '15 at 19:55

source share

1 answer

wolfhammer · Answer 1 · 2015-10-21T21:01:33+0000

Here is a configuration that might work. The proxy server is through master and redirects everything to Server3. Use ssl port, but disable ssl.

server { listen 443; server_name myserver.mydomain.whatever; ssl off; access_log /var/log/nginx/myserver.access.log; error_log /var/log/nginx/myserver.error.og; keepalive_timeout 60; location / { set $fixed_destination $http_destination; if ( $http_destination ~* ^https(.*)$ ) { set $fixed_destination http$1; } proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Destination $fixed_destination; # Fix the "It appears that your reverse proxy set up is broken" error. # might need to explicity set https://localip:port proxy_pass $fixed_destination; # force timeout if backend died. proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_read_timeout 90; proxy_redirect http:// https://; } }

Nginx: direct ssl connection to another server

More articles: