Hi Maxim, I understand. Followup question is:
Is NGINX capable of presenting clients with different SSL certificate based on SNI? As in: stream { server { ssl_certificate foo.example.com <http://foo.example.com/>.crt; ssl_certificate bar.example.com <http://bar.example.com/>.crt; ... } } Best Regards, Danila > On 13 Aug 2018, at 00:12, Maxim Dounin <mdou...@mdounin.ru> wrote: > > Hello! > > On Sun, Aug 12, 2018 at 11:33:25PM +0300, Danila Vershinin wrote: > >> It seems that nginx can accept PROXY protocol fine, but when it >> comes to forwarding, it can only do so only within a stream { >> server { … proxy_protocol on; } } . >> >> Are there any plans to add proxy_protocol on; for regular HTTP >> server blocks so it can be used alongside proxy_pass? This would >> come in very handy in a situation where NGINX is used as SSL >> terminator, e.g.: >> >> NGINX (SSL) → (Proxy protocol) → Varnish. >> >> Varnish supports accepting PROXY protocol. > > There are no such plans, because in HTTP the same connection can > be used for requests from different clients. Consider using > X-Forwarded-For instead. > > -- > Maxim Dounin > http://mdounin.ru/ > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx