nginx Digest, Vol 132, Issue 24
Hiwa
hahiwa at gmail.com
Wed Oct 28 21:40:39 UTC 2020
Hello dears i want to install nginx as proxy cache server how can i do it
and where i can get license..
On Wed, 28 Oct 2020, 3:00 pm , <nginx-request at nginx.org> wrote:
> Send nginx mailing list submissions to
> nginx at nginx.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.nginx.org/mailman/listinfo/nginx
> or, via email, send a message with subject or body 'help' to
> nginx-request at nginx.org
>
> You can reach the person managing the list at
> nginx-owner at nginx.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of nginx digest..."
>
>
> Today's Topics:
>
> 1. nginx-1.19.4 (Maxim Dounin)
> 2. upstream SSL certificate does not match "x.x.x.x" (bouvierh)
> 3. Nginx logging phase (Vikas Kumar)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 27 Oct 2020 18:26:06 +0300
> From: Maxim Dounin <mdounin at mdounin.ru>
> To: nginx at nginx.org
> Subject: nginx-1.19.4
> Message-ID: <20201027152606.GD50919 at mdounin.ru>
> Content-Type: text/plain; charset=us-ascii
>
> Changes with nginx 1.19.4 27 Oct
> 2020
>
> *) Feature: the "ssl_conf_command", "proxy_ssl_conf_command",
> "grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.
>
> *) Feature: the "ssl_reject_handshake" directive.
>
> *) Feature: the "proxy_smtp_auth" directive in mail proxy.
>
>
> --
> Maxim Dounin
> http://nginx.org/
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 28 Oct 2020 00:28:04 -0400
> From: "bouvierh" <nginx-forum at forum.nginx.org>
> To: nginx at nginx.org
> Subject: upstream SSL certificate does not match "x.x.x.x"
> Message-ID:
> <
> e2daca895c920269e52b2b369cea2fa9.NginxMailingListEnglish at forum.nginx.org>
>
> Content-Type: text/plain; charset=UTF-8
>
> Hello,
>
> I have a configuration an nginx proxy server "NGINX_SERVER" as the
> following:
> listen 443 ssl default_server;
>
> chunked_transfer_encoding on;
>
> ssl_certificate server.crt;
> ssl_certificate_key private_key_server.pem;
> ssl_client_certificate trustedCA.crt;
> #ssl_verify_depth 7;
> ssl_verify_client optional_no_ca;
>
> location / {
> proxy_http_version 1.1;
> resolver 127.0.0.11;
> proxy_ssl_trusted_certificate trustedCA.crt;
> proxy_ssl_verify_depth 7;
> proxy_ssl_verify on;
> proxy_pass https://13.78.229.75:443;
> }
>
> The server "13.78.229.75" has a server certificate generate for an IP. When
> I do
> curl --cacert trustedCA.crt https://13.78.229.75:443 -v
> from "NGINX_SERVER", everything works fine. So the server certificate from
> "13.78.229.75" should be good.
> Additionnally openssl s_client -connect 13.78.229.75:443 -showcerts
> -verify
> 9 -CAfile trustedCA.crt is good too.
>
> However when I try to curl my "NGINX_SERVER":
> curl https://"NGINX_SERVER
> I get:
> *110 upstream SSL certificate does not match "13.78.229.75" while SSL
> handshaking to upstream, client: 13.78.128.54, server: , request:
>
> Looking at the server certificate, everything looks ok:
> Subject: CN = 13.78.229.75
> X509v3 Subject Alternative Name:
> IP Address:13.78.229.75, DNS:iotedgeapiproxy
>
> I am at loss. How can curl/openssl tell me my server cert is valid while
> nginx telling me it is wrong. What am I doing wrong?
> Thank you!
> Hugues
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,289813,289813#msg-289813
>
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 28 Oct 2020 14:14:40 +0530
> From: Vikas Kumar <hershil at gmail.com>
> To: nginx at nginx.org
> Subject: Nginx logging phase
> Message-ID:
> <CAExPge647t7PWvdYrSNzivprrjYHHyrAj11opCe=
> qoD30QGr_w at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> I'm writing an Nginx plugin (using Openresty Lua) which increments a
> counter when a request is received (in ACCESS phase) and decrements the
> counter when request is processed (in LOG phase) in order to keep track of
> in-flight requests.
>
> I've seen some cases where the counter increments but does not decrement
> and reaches a very high value, but can't reproduce. The core of my logic
> depends on the accurate value of the in-flight requests counter.
>
> I wanted to ask if there are any cases where, for a request, ACCESS phase
> is called and LOG phase is not called.
>
> I can paste the relevant code if required.
>
> Thanks.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://mailman.nginx.org/pipermail/nginx/attachments/20201028/f7c7b119/attachment-0001.htm
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
> ------------------------------
>
> End of nginx Digest, Vol 132, Issue 24
> **************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20201029/f4ef5d07/attachment.htm>
More information about the nginx
mailing list