El 6/7/22 a las 10:47, Francis Daly escribió:
> On Tue, Jul 05, 2022 at 12:53:05PM +0000, Daniel Armando Rodriguez via nginx wrote:
>> El 2022-07-02 08:24, Francis Daly escribió:
>>> On Fri, Jun 24, 2022 at 04:23:54PM -0300, Daniel Armando Rodriguez
>>> wrote:
> Hi there,
>
>>>> Made this representation to illustrate the situation.
>>>> https://i.postimg.cc/Zq1Ndyws/scheme.png
>> What I need to do is allowing traefik "black" box to negotiate SSL
>> certificate directly with Let's Encrypt, that was intended to be referred as
>> stream.
> I think you are saying that you want nginx to be a "plain" tcp-forwarder
> in this case.
>
> (I'm not certain *why* that matters here, but that's ok; I don't need
> to understand it ;-) .)
>
> Doeshttp://nginx.org/en/docs/stream/ngx_stream_proxy_module.html work
> for you?
>
> Something like
>
> ==
> stream {
> server {
> listen nginx-ip:443;
> proxy_pass traefik-ip:443;
> }
> }
> ==
>
> (If you have a stream listener on an IP:port, you cannot also have a
> http listener on that same IP:port.)
>
> Your picture also shows some blue lines on the left-hand
> side, so it may be that you also want something like
> http://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html,
> to choose which "upstream" to proxy_pass to, depending on the server
> name presented in the SSL connection to nginx.
>
> Cheers,
>
> f
Nginx is actually working as RP for several subdomains for which is also
SSL termination. The traefik box is out of my scope, but it has the
ability to negotiate TLS certificates for its own. That's why I need to
forward just specific subdomain TCP traffic to it.
________________________________________________
*Daniel A. Rodriguez*
/Informática, Conectividad y Sistemas/
Universidad Nacional del Alto Uruguay
San Vicente - Misiones - Argentina
informatica.unau.edu.ar https://informatica.unau.edu.ar
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org