
Environment: Nginx, Node.js

I've read the Nginx docs on resolver; I understand it's used for DNS, and I include it in my config. However, I don't entirely understand what it's doing or when and why I need it.

In the simplified config below, when I turn on the nginx and node.js servers and request pages in the browser, everything works as expected and no warnings or errors are thrown. The IP addresses I'm using in resolver are Google's public DNS servers.

http {

    resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];

    server {

        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        server_name example.com;

        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

        root /srv/example/views/public;

        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

        location / {
            proxy_pass http://127.0.0.1:8080;
        }

    }

}

However, when I remove resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844]; then boot the servers and request pages, I get a warning in my error.log. At the same time everything works fine in the browser, and no error or warning is sent to the client.

2020/12/11 20:04:24 [warn] 1191#1191: no resolver defined to resolve r3.o.lencr.org while requesting certificate status, responder: r3.o.lencr.org, certificate: "/etc/letsencrypt/live/example.com/fullchain.pem"

It's easy enough to keep the reference to Google's DNS servers as my resolver value and avoid the warning, but I'm not entirely sure what is happening. Because I don't know what this directive is doing, I'm not entirely sure if Google's DNS servers are the correct choice. I believe I only need resolver if I'm also using the proxy_pass directive, but I'm not entirely sure of that.

Question: What is resolver doing and when is it called or not called? I understand it's performing DNS but I'm not sure when or why.

1 Answer

You asked for ssl_stapling, which requires contacting the OCSP responder listed in your TLS certificate. A resolver is needed to get the IP address from its name.

Michael Hampton
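Added example, not part of the question or the answer above: a shell check that pulls the OCSP responder host out of a certificate's Authority Information Access extension (the name nginx has to resolve when ssl_stapling is on) and an optional live check of whether a server actually staples. It assumes openssl 1.1.1 or newer is installed; the certificate it generates is constructed for the demo, and the responder host and server name are taken from the question.

```shell
#!/bin/sh
# Added example (not from the question or the answer). Assumes openssl >= 1.1.1.
# nginx does not read /etc/resolv.conf at run time: the resolver directive is the
# only way it can look up the OCSP responder host named in the certificate. Without
# it the OCSP fetch is skipped (the [warn] line in the question) and TLS still
# works, just without a stapled response.
set -eu

# Print the OCSP responder host from the certificate's Authority Information Access
# extension. This is the name nginx must resolve for ssl_stapling.
ocsp_host() {
  openssl x509 -in "$1" -noout -ocsp_uri | head -n 1 \
    | sed -e 's|^[A-Za-z]*://||' -e 's|[:/].*$||'
}

# Live check (needs network): does the server at $1 staple an OCSP response?
# Prints "stapled" or "not stapled".
stapling_status() {
  out=$(printf '' | openssl s_client -connect "$1:443" -servername "$1" \
        -status 2>/dev/null || true)
  case "$out" in
    *"OCSP Response Status: successful"*) echo stapled ;;
    *) echo "not stapled" ;;
  esac
}

# Constructed demo certificate: self-signed, with an AIA OCSP URI naming the
# responder host from the warning in the question. Nothing is contacted; it only
# shows where nginx gets the name from. $1 is the output path (.pem).
make_demo_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "${1%.pem}.key" -out "$1" \
    -days 1 -subj "/CN=example.com" \
    -addext "authorityInfoAccess=OCSP;URI:http://r3.o.lencr.org" >/dev/null 2>&1
}

# Usage: ./check.sh demo   -> prints the host that 'resolver' must be able to look up
if [ "${1:-}" = "demo" ]; then
  tmp=$(mktemp -d)
  make_demo_cert "$tmp/cert.pem"
  echo "OCSP responder host: $(ocsp_host "$tmp/cert.pem")"
  rm -rf "$tmp"
fi
```

Run `stapling_status example.com` against your own host after a restart to confirm the resolver is reachable from nginx and stapling is in effect.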