<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);">Hi all,</font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; background-color: rgb(255, 255, 255);"><br>
</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);"><b><u>Question
1</u></b></span></span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);">Is
it possible to have NGINX reverse proxy to multiple MySQL servers listening on the same port using different names like you can with http? We don't want to perform any load balancing operation on them, we just want to be able to redirect to MySQL instances
based on a logical name, same as on http.</span></span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><br>
</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; background-color: rgb(255, 255, 255);"><b><u>Question
2</u></b></span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; background-color: rgb(255, 255, 255);">When
I try to implement TLS encryption between NGINX and MYSQL Database server, I have the following error on my MySQL Client : ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><br>
</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; background-color: rgb(255, 255, 255);">I
have the following configuration : Ubuntu server with the MySQL Client <b>//</b> NGINX (with the configuration below)
<b>//</b> MYSQL Database (with SSL activated)</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><b>stream</b><span> {<br>
</span>
<div></div>
<div> <b> upstream</b> mysql1 {</div>
<div> <b>server </b>172.31.39.168:3306;</div>
<div> }</div>
<div></div>
<div> <b> server</b> {</div>
<div> <b> listen </b> 3306;</div>
<div> <b> proxy_pass</b> mysql1;</div>
<div> <b>proxy_ssl</b> on;</div>
<div></div>
<div> <b> proxy_ssl_certificate</b> /etc/ssl/client-cert.pem;</div>
<div> <b> proxy_ssl_certificate_key</b> /etc/ssl/client-key.pem;</div>
<div> <b> #proxy_ssl_protocols </b> TLSv1 TLSv1.1 TLSv1.2;</div>
<div> <b> #proxy_ssl_ciphers </b> HIGH:!aNULL:!MD5;</div>
<div> <b>proxy_ssl_trusted_certificate</b> /etc/ssl/ca-cert.pem;</div>
<div></div>
<div> <b>proxy_ssl_verify</b> on;</div>
<div> <b>proxy_ssl_verify_depth</b> 2;</div>
<div> <b>proxy_ssl_session_reuse</b> on;</div>
<div> }</div>
<div>}</div>
<div><span></span><br>
</div>
<div><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; background-color: rgb(255, 255, 255);">If I comment proxy_ssl* parameters on NGINX, the connection works</span><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; background-color: rgb(255, 255, 255);">
between "</span><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);">Ubuntu server (with the MySQL Client)" and "</span><span style="display: inline !important; background-color: rgb(255, 255, 255); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; font-size-adjust: none"><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);">MYSQL
Database (with SSL activated)"</span></span><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);"> throught "</span><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);">NGINX".</span></div>
<div><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);"><br>
</span></div>
<div><span style="color: rgb(0, 32, 0); font-family: "helvetica neue",arial,sans-serif; font-size: 12pt; display: inline !important; font-size-adjust: none; background-color: rgb(255, 255, 255);">Thanks all</span></div>
</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><b></b><i></i><u></u><b></b><i></i><u></u><br>
</span></font></font></font></div>
<div style="font-size: 12pt;"><font face=""Helvetica Neue",arial,sans-serif"><font color="#002000"><font style="background-color: rgb(255, 255, 255);"><span style="font-size: 14px; display: inline !important;"><br>
</span></font></font></font></div>
<div style="font-size: 12pt;"><font color="#b03200" face=""Helvetica Neue",arial,sans-serif" style="background-color: rgb(255, 255, 255);"></font><br>
</div>
</body>
</html>