So it sounds like if I want to decrypt incoming traffic and upstream traffic I would put them in the same block like this ?
Seems fine.
p.s. just if you trust your backend there is in general no need to use proxy_ssl_verify on; When it’s off (by default) nginx will be fine with whatever certificate the backend server provides as far the the connection is via ssl/tls.
rr _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
