Welcome! Log In Create A New Profile


Problem on Running SSL and Non-SSL Protocols over the Same Port

Posted by esingress 
Problem on Running SSL and Non-SSL Protocols over the Same Port
October 21, 2021 05:28AM
Hi All,

Follow this guide,

here is my setting

Router (
Nginx (
Nextcloud Server (
SFTP Server (
Since I don't want open 443 port to public, I set up a port forward in router. Router (port: 12345) -> Nginx (port: 443)


worker_processes 1;

events {
worker_connections 1024;

stream {
upstream ssh {

upstream web {

map $ssl_preread_protocol $upstream {
default ssh;
"TLSv1.2" web;

# SSH and SSL on the same port
server {
listen 443;
proxy_pass $upstream;
ssl_preread on;

http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;

# Redirect all HTTP traffic to HTTPS
server {
listen 80 default_server;
listen [::]:80 default_server;

return 301 https://$host$request_uri;

server {
listen 443 ssl http2;

server_name 'nextcloud.test.com';
access_log /var/log/nginx/cloud.access.log;
error_log /var/log/nginx/cloud.error.log;

include snippets/nextcloud.test.com.cert.conf;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $server_name:12345;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;

location / {
include snippets/proxy-params.conf;

location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;

location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;

client_max_body_size 1999M;


if I set "listen 443" under stream, it cannot connect the SFTP, other web is ok.

if I set other listen port in stream, for example "listen 12345" and set a port forward in router. Router (port: 12345) -> Nginx (port: 12345)

All become OK.

Any idea?


Edited 1 time(s). Last edit at 10/21/2021 05:29AM by esingress.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 113
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready