nginx Digest, Vol 132, Issue 24

Hiwa hahiwa at gmail.com
Wed Oct 28 21:40:39 UTC 2020


Hello dears i want to install nginx as proxy cache server how can i do it
and where i can get license..

On Wed, 28 Oct 2020, 3:00 pm , <nginx-request at nginx.org> wrote:

> Send nginx mailing list submissions to
>         nginx at nginx.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://mailman.nginx.org/mailman/listinfo/nginx
> or, via email, send a message with subject or body 'help' to
>         nginx-request at nginx.org
>
> You can reach the person managing the list at
>         nginx-owner at nginx.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of nginx digest..."
>
>
> Today's Topics:
>
>    1. nginx-1.19.4 (Maxim Dounin)
>    2. upstream SSL certificate does not match "x.x.x.x" (bouvierh)
>    3. Nginx logging phase (Vikas Kumar)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 27 Oct 2020 18:26:06 +0300
> From: Maxim Dounin <mdounin at mdounin.ru>
> To: nginx at nginx.org
> Subject: nginx-1.19.4
> Message-ID: <20201027152606.GD50919 at mdounin.ru>
> Content-Type: text/plain; charset=us-ascii
>
> Changes with nginx 1.19.4                                        27 Oct
> 2020
>
>     *) Feature: the "ssl_conf_command", "proxy_ssl_conf_command",
>        "grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.
>
>     *) Feature: the "ssl_reject_handshake" directive.
>
>     *) Feature: the "proxy_smtp_auth" directive in mail proxy.
>
>
> --
> Maxim Dounin
> http://nginx.org/
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 28 Oct 2020 00:28:04 -0400
> From: "bouvierh" <nginx-forum at forum.nginx.org>
> To: nginx at nginx.org
> Subject: upstream SSL certificate does not match "x.x.x.x"
> Message-ID:
>         <
> e2daca895c920269e52b2b369cea2fa9.NginxMailingListEnglish at forum.nginx.org>
>
> Content-Type: text/plain; charset=UTF-8
>
> Hello,
>
> I have a configuration an nginx proxy server "NGINX_SERVER" as the
> following:
>         listen 443 ssl default_server;
>
>         chunked_transfer_encoding on;
>
>         ssl_certificate        server.crt;
>         ssl_certificate_key    private_key_server.pem;
>         ssl_client_certificate trustedCA.crt;
>         #ssl_verify_depth 7;
>         ssl_verify_client optional_no_ca;
>
>         location / {
>             proxy_http_version 1.1;
>             resolver 127.0.0.11;
>             proxy_ssl_trusted_certificate trustedCA.crt;
>             proxy_ssl_verify_depth 7;
>             proxy_ssl_verify       on;
>             proxy_pass          https://13.78.229.75:443;
>         }
>
> The server "13.78.229.75" has a server certificate generate for an IP. When
> I do
> curl  --cacert trustedCA.crt https://13.78.229.75:443 -v
> from "NGINX_SERVER", everything works fine. So the server certificate from
> "13.78.229.75" should be good.
> Additionnally openssl s_client -connect 13.78.229.75:443 -showcerts
> -verify
> 9 -CAfile trustedCA.crt is good too.
>
> However when I try to curl my "NGINX_SERVER":
> curl https://"NGINX_SERVER
> I get:
>  *110 upstream SSL certificate does not match "13.78.229.75" while SSL
> handshaking to upstream, client: 13.78.128.54, server: , request:
>
> Looking at the server certificate, everything looks ok:
>         Subject: CN = 13.78.229.75
>             X509v3 Subject Alternative Name:
>                 IP Address:13.78.229.75, DNS:iotedgeapiproxy
>
> I am at loss. How can curl/openssl tell me my server cert is valid while
> nginx telling me it is wrong. What am I doing wrong?
> Thank you!
> Hugues
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,289813,289813#msg-289813
>
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 28 Oct 2020 14:14:40 +0530
> From: Vikas Kumar <hershil at gmail.com>
> To: nginx at nginx.org
> Subject: Nginx logging phase
> Message-ID:
>         <CAExPge647t7PWvdYrSNzivprrjYHHyrAj11opCe=
> qoD30QGr_w at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> I'm writing an Nginx plugin (using Openresty Lua) which increments a
> counter when a request is received (in ACCESS phase) and decrements the
> counter when request is processed (in LOG phase) in order to keep track of
> in-flight requests.
>
> I've seen some cases where the counter increments but does not decrement
> and reaches a very high value, but can't reproduce. The core of my logic
> depends on the accurate value of the in-flight requests counter.
>
> I wanted to ask if there are any cases where, for a request, ACCESS phase
> is called and LOG phase is not called.
>
> I can paste the relevant code if required.
>
> Thanks.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://mailman.nginx.org/pipermail/nginx/attachments/20201028/f7c7b119/attachment-0001.htm
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
> ------------------------------
>
> End of nginx Digest, Vol 132, Issue 24
> **************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20201029/f4ef5d07/attachment.htm>


More information about the nginx mailing list