SSL stream to HTTP2 server

Danila Vershinin ciapnz at
Thu Sep 13 18:26:31 UTC 2018


I’m trying to basically use nginx as replacement to hitch (for Varnish).

Request goes like this: browser → nginx (stream SSL) → varnish (HTTP2 on) → backend HTTP

stream {
    server {
	listen 443 ssl;
        ssl_certificate /etc/letsencrypt/live/;
        ssl_certificate_key /etc/letsencrypt/live/;
        proxy_protocol on;

With the above, I’m getting HTTP/1.1 in browser.
When I replace nginx with hitch, I get HTTP/2.

From Hitch docs: "Hitch will transmit the selected protocol as part of its PROXY header” Does nginx have same capability?

In general, is nginx capable of being SSL terminator for HTTP/2 backends using TCP streams? (while delivering HTTP/2 to supporting clients). I’m interested in using TCP streams since only those will allow use of PROXY protocol to upstream.

Best Regards,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <>

More information about the nginx mailing list