Pass https requests to backend servers

Hello,
here at our company we are setting up an nginx loadbalancer before a
couple
of webservers(2 tomcat/ 2 iis).

The problem that we walk in to is that we want to do the ssl handling on
the
backend servers.
we know how to do it on the nginx server but is it possible for nginx to
pass trough all the ssl requests to the backend without handling itself?

Hope you can help.
grt Peter
(apologize for the bad English)

Dear Sjaak,

On Don 15.07.2010 16:07, Sjaak P. wrote:

Hello,
here at our company we are setting up an nginx loadbalancer before a
couple of webservers(2 tomcat/ 2 iis).

The problem that we walk in to is that we want to do the ssl handling
on the backend servers.
we know how to do it on the nginx server but is it possible for nginx
to pass trough all the ssl requests to the backend without handling
itself?

Afaik no.

You will need some tcp loadbalancer (=haproxy) for this.

You can talk with the backend https if you want to encrypt the
communication between frontend and backend.

proxy_pass https://…

Hth

Aleks

Hey Aleks,
it’s to bad that it is not possible.

but when the traffic between the LB en backend is also encrypted is’nt
it a
double burden for the LB server?

2010/7/15 Aleksandar L. [email protected]

Hi,

The problem that we walk in to is that we want to do the ssl handling on
the
backend servers.
we know how to do it on the nginx server but is it possible for nginx to
pass trough all the ssl requests to the backend without handling itself?

You might try using nginx_tcp_proxy_module [1]. It seems that it should
be
able to handle such scenario, but to be honest I never used it, so you
must
verify this for yourself.

[1] http://github.com/yaoweibin/nginx_tcp_proxy_module

Best regards,
Piotr S. < [email protected] >

Hi Sjaak,

On Don 15.07.2010 17:11, Sjaak P. wrote:

Hey Aleks,
it’s to bad that it is not possible.

but when the traffic between the LB en backend is also encrypted is’nt
it a double burden for the LB server?

Yes.

nginx mailing list
[email protected]
http://nginx.org/mailman/listinfo/nginx

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs