Welcome! Log In Create A New Profile

Advanced

Change the Outgoing SSL SNI on Streaming Proxy

Posted by chordfastnet 
Change the Outgoing SSL SNI on Streaming Proxy
December 19, 2022 08:56AM
I have an SSL encrypted traffic. The actual proxy directs the traffic to the destination as expected, but if I can't change the outgoing SNI then the destination won't know how to handle the traffic (it's a Kube cluster). It seems like there are ways of doing this for the HTTP modules, but I don't see a way to change the outgoing SNI of the connection in the streaming modules. The protocol isn't HTTP.

Client -> Foo.com (SNI: Foo.com) -> Foobar.com (SNI: Foobar.com)


stream {

upstream backend {
server foobar.com:443;
}

server {
listen 443;
#TCP traffic will be forwarded to the "stream_backend" upstream group from service.
proxy_ssl_server_name on;
ssl_preread on;
proxy_pass backend;

}

}
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 42
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready