Interest in extending FastCGI / SCGI support to allow TLS encrypted connections to back end?
Peter Vereshagin
peter at vereshagin.org
Mon Jan 21 07:31:41 UTC 2013
Hello.
2013/01/21 07:07:46 +0000 Some Developer <someukdeveloper at gmail.com> => To nginx at nginx.org :
SD> On 20/01/13 15:10, Peter Vereshagin wrote:
SD> > 2013/01/18 17:45:13 +0000 Some Developer <someukdeveloper at gmail.com> => To nginx at nginx.org :
SD> > What's messy with your 'stunnel'? Why shouldn't you use the 'nginx' on the
SD> > backend side with https as an uplink protocol? The your 'fastcgi client' nginx
SD> > should use then the 'nginx on a backend side' as an https upstream.
SD>
SD> I'm not sure I completely understand your point here. Are you suggesting
SD> that you just run a simple Nginx server on the application so that the
SD> front end Nginx server can just pass the requests to the Nginx on the
SD> application server via HTTPS and then the local Nginx server just passes
SD> the requests on to the application server on 127.0.0.1?
Short answer: yes.
127.0.0.1 or local socket or DMZ neighbor (the whatever).
What's wrong with stunnel then?
I have my interest as an author of 'fcgi_spawn' for perl 'cgi alike' apps:
http://search.cpan.org/dist/FCGI-Spawn/bin/fcgi_spawn
Had never mind about SSL'ing the socket to listen for...
Thank you.
--
Peter Vereshagin <peter at vereshagin.org> (http://vereshagin.org) pgp: 1754B9C1
More information about the nginx
mailing list