Disable only Hostname verification of proxied HTTPS server certificate
Maxim Dounin
mdounin at mdounin.ru
Wed Nov 20 12:48:57 UTC 2019
Hello!
On Thu, Nov 07, 2019 at 10:23:20AM -0500, shivramg94 wrote:
> Is there any way where we can configure nginx to only verify the root of the
> proxied HTTPS server (upstream server) certificate and to skip the host name
> (or domain name) verification?
>
> As I understand, proxy_ssl_verify directive can be used to completely
> enable/disable the verification of proxied HTTPS server certificate but not
> selectively. Is there any directive to only disable the host name
> verification?
No.
You can, however, set a particular name to verify, by using the
"proxy_ssl_name" directive. See http://nginx.org/r/proxy_ssl_name
for details.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list