I'm trying to configure nginx which is behind an haproxy to pass the proxy protocol over a plain tcp connection. It works well.
When I add ssl to the equation it fails. Below is the nginx configuration block I'm using.
Is it a configuration issue or might be that it's not at all possible for nginx to pass proxy protocol with ssl if the connection is not strictly https?
stream {
upstream some_backend {
server some_host:18010;
}
server {
listen 8010;
listen 8012 ssl;
proxy_pass some_backend;
proxy_protocol on;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSLTCP:20m;
ssl_session_timeout 4h;
ssl_handshake_timeout 30s;
}
}