Need SSL state to be visible behind a double nginx proxy

Nick Pearson nick.pearson at gmail.com
Fri Oct 31 00:41:43 MSK 2008


Hi Almir,

You're correct that nginx should listen on 80 for http and 443 for https,
and that's what I show in my example for the front-end servers.  It's the
back-end nginx that is listening on arbitrary ports.  The back-end nginx
will not be accessed directly from any client computers -- all requests will
be proxied through the front-end servers first.  (Please see my original
post for an explanation of why this is necessary.)

Nick


On Thu, Oct 30, 2008 at 4:20 PM, Almir Karic <almir at kiberpipa.org> wrote:

> On Thu, Oct 30, 2008 at 03:29:47PM -0500, Nick Pearson wrote:
> > I'm going to try tonight to get this working as you have suggested.  I'm
> > hoping that I'll be able to do it without using too many IPs, because
> then
> > I'll run into my original problem (the IP limit imposed by my hosting
> > provider).  I believe your solution of listening on the same IP on
> multiple
> > ports should work, though.  I'll just assign two listen ports on the
> > back-end nginx for each site -- one for http and one for https.
>
> no. for each ssl https you want visible to world you have to have one ip,
> unless off course you want to tell your visitors/costumers that they enter
> https://your-site.com:444 to enter the site.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20081030/dd8abbef/attachment.html>


More information about the nginx mailing list