Disable only Hostname verification of proxied HTTPS server certificate

Maxim Dounin mdounin at mdounin.ru
Wed Nov 20 12:48:57 UTC 2019


Hello!

On Thu, Nov 07, 2019 at 10:23:20AM -0500, shivramg94 wrote:

> Is there any way where we can configure nginx to only verify the root of the
> proxied HTTPS server (upstream server) certificate and to skip the host name
> (or domain name) verification?
> 
> As I understand, proxy_ssl_verify directive can be used to completely
> enable/disable the verification of proxied HTTPS server certificate but not
> selectively. Is there any directive to only disable the host name
> verification?

No.

You can, however, set a particular name to verify, by using the 
"proxy_ssl_name" directive.  See http://nginx.org/r/proxy_ssl_name 
for details.

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx mailing list