Proxy to upstream HTTPS server *with different* keys/certs in nginx
Lukas Tribus
luky-37 at hotmail.com
Mon Feb 10 14:44:13 UTC 2014
Hi,
> I'll rephrase the question. I'm interested in server certificates (not
> client). The ssl_certificate_key file is used as a private key for the
> server to decrypt ssl connections for clients. I'm looking to configure
> another key for encrypting ssl connections from niginx server to upstream
> server.
Thats the point exactly. You don't need a key to encrypt ssl connections from
nginx to upstream https servers, EXPECT if you are using client certificates.
So either you want to specify the CA file to verify the upstream servers
certificate and you do not use client certificates (no pem file, no key)
OR
you are using client certificates, which is way you need a certificate + key
on the nginx side to connect to upstream https.
So what exactly are you trying to achieve?
More information about the nginx
mailing list