Welcome! Log In Create A New Profile

Advanced

Re: https and nginx as forward proxy

October 20, 2009 02:20AM
On Tue, Oct 20, 2009 at 12:51:02PM +0800, 冉兵 wrote:

> Hi,
>
> I was experimenting using nginx as forward proxy with the conf as attached.
>
> Regular http requests were passed fine. But any https were rejected right away. Firewall was disabled on the proxy server.
>
> Here was the trace with curl, where the proxy runs on 192.168.4.217:81
>
> -------------------------------------8<-----------------------------------------
> $ curl -v -x 192.168.4.217:81 https://jersey.dev.java.net/
> * About to connect() to proxy 192.168.4.217 port 81 (#0)
> * Trying 192.168.4.217... connected
> * Connected to 192.168.4.217 (192.168.4.217) port 81 (#0)
> * Establish HTTP proxy tunnel to jersey.dev.java.net:443
> > CONNECT jersey.dev.java.net:443 HTTP/1.0
> > Host: jersey.dev.java.net:443
> > User-Agent: curl/7.16.3 (i686-pc-cygwin) libcurl/7.16.3 OpenSSL/0.9.8k zlib/1.2.3 libssh2/0.15-CVS
> > Proxy-Connection: Keep-Alive
> >
> < <html>
> < <head><title>400 Bad Request</title></head>
> < <body bgcolor="white">
> < <center><h1>400 Bad Request</h1></center>
> < <hr><center>nginx/0.8.20</center>
> < </body>
> < </html>
> * Proxy CONNECT aborted
> * Closing connection #0
> curl: (56) Proxy CONNECT aborted
> -------------------------------------8<-----------------------------------------

CONNECT differs from other HTTP methods.

> Here is the conf file. The prebuilt Nginx 0.8.20 runs on Windows 2003.
> -------------------------------------8<-----------------------------------------
> worker_processes 1;
>
> events {
> worker_connections 1024;
> }
>
>
> http {
> include mime.types;
> sendfile on;
>
> resolver 208.67.220.220;
>
> server {
> listen 81;
> location / {
> proxy_pass $scheme://$http_host$request_uri;
> }
>
> }
>
> }
> -------------------------------------8<-----------------------------------------
>
> I suspect Nginx has not been designed to be used as a forward proxy. If nginx won't foot the bill, can anyone recommend a free solution please?

Yes, nginx has not been disigned as a forward proxy. You should try squid
which was a forward proxy from the very start.


--
Igor Sysoev
http://sysoev.ru/en/
Subject Author Posted

https and nginx as forward proxy

冉兵 October 20, 2009 12:58AM

Re: https and nginx as forward proxy

Igor Sysoev October 20, 2009 02:20AM

Re: https and nginx as forward proxy

冉兵 October 20, 2009 03:06AM

Re: https and nginx as forward proxy

nexthop October 20, 2009 10:38AM

Re: https and nginx as forward proxy

Igor Sysoev October 20, 2009 12:38PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 132
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready