4

Is it possible to forward some tls requests based on their domain name to another server (via nginx)?

I have a public nginx server which serves some pages via http and https (in the image b.com). Now I have a VM only reachable via the nginx server, running an apache server. Can I tell my nginx server to forward request (to a.com) to the 10.x.x.x server without touching the tls? Through SNI nginx should know which domain is requested?

I don't have the certificates for a.com on the public server.

Problem

Dirk
  • 241

1 Answers1

1

As far as I know, NGINX cannot forward requests this way: it always manage the ssl handshake by itself.

However, haproxy and sniproxy seems to do the job, according to the answers given in this thread: Can a Reverse Proxy use SNI with SSL pass through?

Stéphane Pinchaux
  • 11