Menu
Is it possible to setup nginx so that it proxies a HTTPS connection without decrypting it? I'm talking about something like this:
server {
listen 443 ssl;
server_name example.com;
location / {
proxy_pass https://localhost:8000;
proxy_set_header X-Real-IP $remote_addr;
}
}
I know, that nginx most likely will need a certificate to add the X-Real-IP header, but can I re-encrypt the proxy?
My motivation behind this is, that I want to pass the traffic through to my Node app, that has SPDY enabled. But for being able to use SPDY in Node, I need the decryption to reside inside the app.
638
No, it's not possible. Nginx will have to use the Host header to match the server_name of this server block. Without decrypting the request, nginx doesn't even know the request header information. So this server block won't even be matched.
Nginx 1.4+ also supports SPDY. http://nginx.org/en/docs/http/ngx_http_spdy_module.html. However, it doesn't support server push yet. If you don't need server push, why not just terminate SSL at nginx level?
186
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
