proxy doesn't cache

Stefan Xenon stefanxe at gmx.net
Fri May 10 03:13:42 UTC 2013


Hi!
I want to use nginx as a caching proxy in front of an OCSP responder.
The OCSP requests are transmitted via HTTP POST.

Hence, I configured nginx as follows:

proxy_cache_path  /tmp/nginx/cache levels=1:2 keys_zone=my-cache:8m
max_size=1000m inactive=600m;
server {
  server_name localhost;
  location / {
    proxy_pass  http://213.154.225.237:80; #ocsp.cacert.org
    proxy_cache my-cache;
    proxy_cache_methods    POST;
    proxy_cache_key        "$scheme$proxy_host$uri$request_body";
    proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
    proxy_set_header        Host            $host;
    proxy_set_header        X-Real-IP       $remote_addr;
  }
)

I can access the OCSP responder through nginx and responses are received
as expected - no issue. The problem is that nginx doesn't cache the
responses. Note that OCSP nonces are *not* being sent as part of the
request. Using Wireshark and nginx' debug log, I verified that all my
requests are identical. How to configure nginx that it caches the responses?

Note, I use the following command for testing:
openssl ocsp -issuer cacert.crt -no_nonce -CAfile CAbundle.crt -url
http://localhost/ -serial <SERIAL>

Thanks a lot for your help!
Stefan



More information about the nginx mailing list