On Sun, Nov 20, 2022 at 1:07 PM masber masber <masber@hotmail.com> wrote:

> dear nginx community,
>
> I would like to communicate with a client with a server application, they
> can't see each other directly and I would like to use an nginx server to
> solve this. The communication goes through HTTPS which is already set up on
> the server. I was wondering whether it would be possible to configure nginx
> proxy without SSL termination.
>
> I currently have this as a configuration
>
> server {
> listen 6442;
> location / {
> proxy_pass https://kubeapi-vip.local:6442$uri$is_args$args;
> }
> }
>
> This works for HTTP but I am getting the following error when trying to
> access the server through HTTPS
>
> curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
>
> I assume this is because the client expects nginx to have the certificate
> configured. Am I right?
>
> What can I do in order to have nginx proxy without SSL termination?
>
> thank you very much
> _______________________________________________
> nginx mailing list -- nginx@nginx.org
> To unsubscribe send an email to nginx-leave@nginx.org


Use the stream module for this, you basically do layer3/4 tunnel to the
backend. Of course you won’t see any payload or be part of the higher level
application decision making process at the nginx if you do this.

stream {
upstream stream_backend {
server backend1.example.com:port;
server backend2.example.com:port;
}
server {
listen port;
proxy_pass stream_backend;
}
}


Cheers,

Payam


--
Payam Tarverdyan Chychi
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org