I have nginx front-ending my node.js server. It has worked well for some time. I am now adding ssl to my setup. I want to terminate the SSL at the front-end nginx because I've heard that node.js HTTPS server is slow.
I studied the docs and set up my conf like this ...
server {
listen 80;
rewrite_log on;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
ssl_certificate_key /root/reevuit.com.key;
ssl_certificate /root/reevuit.com.crt;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
keepalive_timeout 60;
location ~ \/(.*images\/.*|.*\.js|.*\.css|.*\.swf)$ {
root /ri/src;
}
location ~ \/($|acct|help|login|main|test).* {
proxy_pass https://localhost:81;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
}
}
This didn't work until I switched my back-end server to accept https and do termination. Should the conf file above be terminating the SSL? If not then can someone give me a hand on fixing it?
Is it possible to accidentally terminate on both the front-end and back-end at the same time? It doesn't seem like this would be possible and it would be the worst of all possible setups.
Edited 1 time(s). Last edit at 08/12/2012 03:19PM by mchahn.