Welcome! Log In Create A New Profile

Advanced

Routing Http2 traffic without decrypting tls packets

Jayarajan, Keerthi (AT ASP RTC)
September 02, 2019 01:48PM
Hi,

I'm working in blockchain project for Honeywell. We have blockchain nodes hosted in our cloud. These nodes should connect and talk to external node and vice versa. We are using Nginx as Reverse proxy server through which external node can connect to our nodes. We are using Hyperledger fabric blockchain framework which works on grpc protocol using http2. I found Nginx 1.15.2 supports http2. So I installed it and tested sample grpc application(without tls) successfully. Now, I need external node to talk to our node reverse proxied via Nginx. But our nodes are tls encrypted and client authentication is enabled. I want the external node to talk to internal node as if the Nginx was not there. It should forward everything based on the hostname without decrypting the packets. I tried this ssl_preread directive but It says not allowed for http2. Can you please technically tell how this can be accomplished. Looking forward for your support. If this is feasible, we would like to go with Nginx Plus for production.

Thanks and Regards
Keerthi
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Routing Http2 traffic without decrypting tls packets

Jayarajan, Keerthi (AT ASP RTC) September 02, 2019 01:48PM

Re: Routing Http2 traffic without decrypting tls packets

ru@nginx.com September 03, 2019 10:40AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 88
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready