proxy protocol over a plain tcp with ssl
nir
nginx-forum at forum.nginx.org
Thu Jan 11 13:22:47 UTC 2018
I'm trying to configure nginx which is behind an haproxy to pass the proxy
protocol over a plain tcp connection. It works well.
When I add ssl to the equation it fails. Below is the nginx configuration
block I'm using.
Is it a configuration issue or might be that it's not at all possible for
nginx to pass proxy protocol with ssl if the connection is not strictly
https?
stream {
upstream some_backend {
server some_host:18010;
}
server {
listen 8010;
listen 8012 ssl;
proxy_pass some_backend;
proxy_protocol on;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSLTCP:20m;
ssl_session_timeout 4h;
ssl_handshake_timeout 30s;
}
}
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278113,278113#msg-278113
More information about the nginx
mailing list