N00b - confused ssl

Reinis Rozitis r at roze.lv
Wed Apr 26 12:28:15 UTC 2017

> So it sounds like if I want to decrypt incoming traffic and upstream 
> traffic I would put them in the same block like this ?

Seems fine.

p.s. just if you trust your backend there is in general no need to use 
proxy_ssl_verify    on;
When it’s off (by default) nginx will be fine with whatever certificate the 
backend server provides as far the the connection is via ssl/tls.


More information about the nginx mailing list