Welcome! Log In Create A New Profile

Advanced

Re: SSL proxy without certificate

Edho Arief
November 21, 2012 10:28PM
On Thu, Nov 22, 2012 at 10:21 AM, Edmund Lhot <edmund.lhot@gmail.com> wrote:
> Hello!
>
> I want to proxy ssl connections to a backend without a certicate but it
> isn't working:
>
> server {
> listen x.x.x.x:443;
> location / {
> proxy_pass https://y.y.y.y:443;
> }
> }
>
> I tried to use an approach like this (client auth with self generated cert),
> but it didn't work too:
>

How is it not working?

> server {
>
> listen x.x.x.x:443 ssl;
>
> ssl on;
> ssl_certificate /etc/nginx/certs/server.crt;
> ssl_certificate_key /etc/nginx/certs/server.key;
> ssl_client_certificate /etc/nginx/certs/ca.crt;
> ssl_verify_client optional;
>
> location / {
> proxy_pass https://y.y.y.y:443;
>
> }
> }
>
> Must I have the customer certificate to proxy this kind of request or there
> is another way to do this?
>

I think the one you want is tcp layer proxying/balancing which is not
what nginx can do. Try using HAProxy instead.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

SSL proxy without certificate

Edmund Lhot November 21, 2012 10:22PM

Re: SSL proxy without certificate

Edho Arief November 21, 2012 10:28PM

Re: SSL proxy without certificate

Edmund Lhot November 21, 2012 10:50PM

Re: SSL proxy without certificate

Reinis Rozitis November 21, 2012 10:58PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 241
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready