> So it sounds like if I want to decrypt incoming traffic and upstream
> traffic I would put them in the same block like this ?
Seems fine.
p.s. just if you trust your backend there is in general no need to use
proxy_ssl_verify on;
When it’s off (by default) nginx will be fine with whatever certificate the
backend server provides as far the the connection is via ssl/tls.
rr
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx