UDP TLS Termination

SebK nginx-forum at forum.nginx.org
Wed Apr 12 17:53:41 UTC 2017


Vladimir Homutov Wrote:
-------------------------------------------------------
> On Tue, Mar 28, 2017 at 12:25:35PM +0300, Vladimir Homutov wrote:
> > instead of normal DTLS.
> 
> i meant SSL (TLS)  of course.
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

Hi,

I stumbled across this thread in search of answers to my own question
regarding the combination of nginx + DTLS. Since you didn't receive an
answer to your question, Vladimir, here's a use case I am currently working
on: I have an IoT use case using CoAP for client-server-communication. CoAP
in turn uses DTLS for securing its data. All server applications are working
behind an nginx web server. Right now for the DTLS communication nginx is
justed proxiing the udp packets from the client to the server. When using a
PKI instead of a, let's say PSK ciphersuite, I too would think that it would
be be helpful to centralize all TLS specifics e.g. certificate management
within the nginx web server. You should then be able to pass the unencrypted
datagrams to the CoAP server.

Regards,
Sebastian

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,273251,273571#msg-273571



More information about the nginx mailing list