Welcome! Log In Create A New Profile

Advanced

help with ssl termination

Posted by mchahn 
Forum List Message List New Topic
mchahn
help with ssl termination
August 12, 2012 03:17PM
I have nginx front-ending my node.js server. It has worked well for some time. I am now adding ssl to my setup. I want to terminate the SSL at the front-end nginx because I've heard that node.js HTTPS server is slow.

I studied the docs and set up my conf like this ...

server {
listen 80;
rewrite_log on;
rewrite ^(.*)$ https://$host$1 permanent;
}

server {
listen 443 ssl;

ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate_key /root/reevuit.com.key;
ssl_certificate /root/reevuit.com.crt;

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

keepalive_timeout 60;

location ~ \/(.*images\/.*|.*\.js|.*\.css|.*\.swf)$ {
root /ri/src;
}

location ~ \/($|acct|help|login|main|test).* {
proxy_pass https://localhost:81;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
}

}

This didn't work until I switched my back-end server to accept https and do termination. Should the conf file above be terminating the SSL? If not then can someone give me a hand on fixing it?

Is it possible to accidentally terminate on both the front-end and back-end at the same time? It doesn't seem like this would be possible and it would be the worst of all possible setups.



Edited 1 time(s). Last edit at 08/12/2012 03:19PM by mchahn.
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 198
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready