I need to send data to some backend servers using HTTPS, but it seems like nginx doesn't verify the certificate on the backend server. For instance, if I specify `proxy_pass https://example.com` and the certificate on example.com is invalid, nginx still completes the request without any warning. I'd prefer it if nginx checked whether the certificate could be verified during the SSL handshake, and abort the request if the certificate isn't valid. Is it possible to somehow enable certificate verification of the proxied server's certificate? And if it's not possible to verify the certificate, what's the point in using (or being able to use) an HTTPS backend then? The reason I need SSL encryption is that traffic from my nginx server will be passed via public networks to the backend servers. Thanks, Rune Posted at Nginx Forum: http://forum.nginx.org/read.php?2,235567,235567#msg-235567
on 2013-01-25 09:27
on 2013-01-25 09:47
It's possible to do what I want with the mod_ssl module for Apache. The relevant directive is called `SSLProxyVerify` http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#.... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,235567,235568#msg-235568
on 2013-01-25 10:11
I just found this ticket which appears to describe (and solve) the same issue http://trac.nginx.org/nginx/ticket/13 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,235567,235570#msg-235570
Enable email notification
Enable multi-page viewPlease log in before posting. Registration is free and takes only a minute.
Existing account
(Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
Log in with Google account | Log in with Yahoo account
No account? Register here.