Welcome! Log In Create A New Profile

Advanced

Using SNI to route proxy_pass to upstream SSL host

Previous Message Next Message
Forum List Message List New Topic Print View
David Mohl
June 22, 2013 11:36PM
Hey guys,

I am trying to get the following setup running:
Nginx is listening to port 443. According to the users host (SNI), it should route the SSL requests to a upstream daemon / host which will take care of SSL certification, handshake and so on.

Nginx should not touch the request, just pass it. 
Since SSL also encrypts the header, it makes this setup a little bit more difficult than expected. A hint on serverfault indicated that SNI might be useful for this?

My current experiment:

server { listen 443; server_name example01.com; location / { proxy_set_header Host $http_host; proxy_pass https://127.0.0.1:8001; } }
server { listen 443; server_name example02.com; location / { proxy_set_header Host $http_host; proxy_pass https://127.0.0.1:8002; } }
server { listen 443; server_name example03.com; location / { proxy_set_header Host $http_host; proxy_pass https://127.0.0.1:8003; } }
server { listen 443; server_name example04.com; location / { proxy_set_header Host $http_host; proxy_pass https://127.0.0.1:8004; } }

However, this doesn't seem to work.

Any ideas on this?


Cheers,
David_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Using SNI to route proxy_pass to upstream SSL host

David Mohl June 22, 2013 11:36PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 316
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready