Proxy to upstream HTTPS server *without* any keys/certs in nginx

Gary Chodos gchodos at
Tue Sep 24 17:55:22 UTC 2013


We are researching which tools would allow us to do what is described in
the subject.

After searching the archives here and in other places like stackoverflow,
there seems to be conflicting info on whether this is possible.  Perhaps it
was not doable early in nginx's life but is now?  Based on the below link
(which notes the upstream and reverse proxy modules), can we now have nginx
listen on 443, and pass browser requests to it on to an upstream HTTPS
server which actually serves content, has the certs/keys and takes care of
SSL handshake etc?  In our use case we cannot house any keys/certs on the
nginx box so must proxy everything (including SSL) to the upstream https
box, as if the end user (who makes the request from the browser) hit the
upstream server directly, and doesn't have any missing or mismatching
certificate errors.

I hope my question is clear.  Thanks for your help.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list