1

I need to setup nginx as https proxy, but this did not work:

$ export https_proxy="http://127.0.0.1:8081"
$ curl https://example.com
curl: (56) Received HTTP code 400 from proxy after CONNECT

My nginx.conf:

server {
    listen          8081;
    location / {
            proxy_pass              http://some.proxy.com:3128;
            proxy_set_header        Host            $http_host;
    }
}
kubanczyk
  • 13,502
  • 5
  • 40
  • 55
Pavel Nazarov
  • 23
  • 1
  • 3

1 Answers1

4

There is a misunderstanding here. There are two types of http proxy that are two completely different animals: a reverse proxy and a forward proxy. Don't mix them.

Forward proxy is visible for a client OS (e.g. export https_proxy) or a browser. Client side knows it needs to talk slightly differently and a forward proxy server doesn't behave like a regular webserver.

Reverse proxy is almost a normal webserver and the behavior is invisible to client side. An nginx example is proxy_pass. There are some dirty tricks to employ a reverse proxy as a forward http proxy in a limited way, but it doesn't work at all as a forward https proxy because of the CONNECT verb.

So a forward proxy would be better named a "client-side proxy". A reverse proxy would be a "server-side proxy". (Forward/reverse proxy is a horrible nomenclature in my opinion.)

Don't use nginx as a forward proxy. It's intended to be used as a regular webserver or a reverse proxy.

kubanczyk
  • 13,502
  • 5
  • 40
  • 55
  • Thanks for an explanation! Maybe you can guide me to a proper solution - I need proxy with vhost and auth support (that's why my first thought was about nginx). Squid? Anything else? – Pavel Nazarov Apr 14 '18 at 21:56