ahutchings at nginx.com
Sun May 31 14:40:30 UTC 2015
Unfortunately not with Nginx. You could, however, use stunnel on the backends to do this.
> On 31 May 2015, at 00:58, dethegeek <nginx-forum at nginx.us> wrote:
> I'm setting up nginx as a reverse proxy for a postfix / dovecot setup.
> My imap server requires STARTTLS usage. Nginx seems to not issue STARTTLS
> command before forwarding users credentials.
> Here is the error I found in /var/log/nginx/error.log
> [error] 928#0: *20 upstream sent invalid response: "* BAD [ALERT] Plaintext
> authentication not allowed without SSL/TLS, but your client did it anyway.
> If anyone was listening, the password was exposed.
> I did not found anything in the documentation to ask nginx to issue STARTTLS
> command to the upstream server. Is there a way to achieve this ?
> I did not tried pop3 yet, but I'm expecting the same annoyance. and the same
> answer; let me know if I'm wrong.
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,259279,259279#msg-259279
> nginx mailing list
> nginx at nginx.org
Andrew Hutchings (LinuxJedi)
Senior Developer Advocate
More information about the nginx