https and nginx as forward proxy

冉兵 bing_ran at hotmail.com
Tue Oct 20 11:01:10 MSD 2009 

Thanks Igor. I have successfully set up Apache web server as a forward 
proxy.



--------------------------------------------------
From: "Igor Sysoev" <is at rambler-co.ru>
Sent: Tuesday, October 20, 2009 2:12 PM
To: <nginx at sysoev.ru>
Subject: Re: https and nginx as forward proxy

> On Tue, Oct 20, 2009 at 12:51:02PM +0800, 冉兵 wrote:
>
>> Hi,
>>
>> I was experimenting using nginx as forward proxy with the conf as 
>> attached.
>>
>> Regular http requests were passed fine. But any https were rejected right 
>> away. Firewall was disabled on the proxy server.
>>
>> Here was the trace with curl, where the proxy runs on 192.168.4.217:81
>>
>> -------------------------------------8<-----------------------------------------
>> $ curl -v -x 192.168.4.217:81 https://jersey.dev.java.net/
>> * About to connect() to proxy 192.168.4.217 port 81 (#0)
>> *   Trying 192.168.4.217... connected
>> * Connected to 192.168.4.217 (192.168.4.217) port 81 (#0)
>> * Establish HTTP proxy tunnel to jersey.dev.java.net:443
>> > CONNECT jersey.dev.java.net:443 HTTP/1.0
>> > Host: jersey.dev.java.net:443
>> > User-Agent: curl/7.16.3 (i686-pc-cygwin) libcurl/7.16.3 OpenSSL/0.9.8k 
>> > zlib/1.2.3 libssh2/0.15-CVS
>> > Proxy-Connection: Keep-Alive
>> >
>> < <html>
>> < <head><title>400 Bad Request</title></head>
>> < <body bgcolor="white">
>> < <center><h1>400 Bad Request</h1></center>
>> < <hr><center>nginx/0.8.20</center>
>> < </body>
>> < </html>
>> * Proxy CONNECT aborted
>> * Closing connection #0
>> curl: (56) Proxy CONNECT aborted
>> -------------------------------------8<-----------------------------------------
>
> CONNECT differs from other HTTP methods.
>
>> Here is the conf file. The prebuilt Nginx 0.8.20 runs on Windows 2003.
>> -------------------------------------8<-----------------------------------------
>> worker_processes  1;
>>
>> events {
>>     worker_connections  1024;
>> }
>>
>>
>> http {
>>     include       mime.types;
>>     sendfile        on;
>>
>>     resolver 208.67.220.220;
>>
>>     server {
>>         listen       81;
>>         location / {
>>               proxy_pass $scheme://$http_host$request_uri;
>>         }
>>
>>     }
>>
>> }
>> -------------------------------------8<-----------------------------------------
>>
>> I suspect Nginx has not been designed to be used as a forward proxy. If 
>> nginx won't foot the bill, can anyone recommend a free solution please?
>
> Yes, nginx has not been disigned as a forward proxy. You should try squid
> which was a forward proxy from the very start.
>
>
> -- 
> Igor Sysoev
> http://sysoev.ru/en/
>
>

More information about the nginx mailing list