SSL load balancing

Marlon de Boer marlon at
Thu Jul 3 01:50:08 MSD 2008

Max Sevenfold wrote:
> Hello,
> Is it possible to use nginx as load balancer for SSL traffic?
Yes, see example below

server {
                listen                  443 default;
                ssl_verify_client       off;

                ssl on;
                ssl_certificate         /etc/nginx/nginx.cert;
                ssl_certificate_key     /etc/nginx/nginx.key;
                ssl_session_cache       shared:ssl:100m;

                location / {
                        proxy_pass              http://non-ssl-backend;
                        proxy_redirect          off;
                        proxy_set_header        Host             $host;
                        proxy_set_header        X-HTTPS          on;
                        proxy_set_header        X-Real-IP        
                        proxy_set_header        X-Forwarded-For  
                        proxy_set_header        X-Client-Verify  SUCCESS;
                        proxy_set_header        X-SSL-Subject    
                        proxy_set_header        X-SSL-Issuer     

> Will connections from nginx to web servers be encrypted?
No the connection will be forwarded to the backend via clear http
> What are encryption options are available?
I think all ciphers from the openssl library.
> Is there some fast non SSL encryption available? (e.g. symmetric keys)
Not that I know off.

Marlon de Boer
System administrator

More information about the nginx mailing list