nginx: forward ssl connection to another server

ssl nginx https forward
J J picture J J · Oct 21, 2015 · Viewed 14.8k times · Source

I have a master nginx server deciding on the incoming server name where to route requests to. For two secondary servers this master nginx server is also holding ssl certificates and keys. The 3rd server is holding his own certificates and keys because there is a frequent update process for those.

My question is now how I can configure the master nginx server to forward all requests to server 3 which are coming in for this server. I cannot copy the certificates and keys from server 3 to the master server as they change too often.

overview servers and http(s) connections

Answer

Mahmoud Eltayeb picture Mahmoud Eltayeb · Apr 24, 2018

Try to proxy the tcp traffic instead of the http traffic 

stream {
    server {
        listen SRC_IP:SRC_PORT;
        proxy_pass DST_IP:DST_PORT;
   }
}

for more details refer to the nginx documentation https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/

Related questions

What does "SSL_CTX_use_PrivateKey_file" "problems getting password error" indicate in Nginx error log?

I'm trying to set up SSL on Nginx. It doesn't work, and I am getting the following error in the error log, which is getting passed up from the OpenSSL library which nginx was compiled with. I don't know what …

Read More
Nginx does redirect, not proxy

I want to set up Nginx as a reverse proxy for a https service, because we have a special usecase where we need to "un-https" a connection: http://nginx_server:8080/myserver ==> https://mysecureservice But what happens is that the …

Read More
nginx proxy based on host when using https

I need to use Nginx as an SSL proxy, which forwards traffic to different back ends depending on the subdomain. I have seem everywhere that I should define multiple "server {" sections but that doesn't work correctly for SSL. Doing that …

Read More