nginx http to https proxy with self-signed certificate

16

4

I have an nginx proxy to redirect http requests with a specified port to another https url.

Here is my configuration so far:

server {
   listen 59848;
   location / {
      resolver 8.8.8.8;
      proxy_pass https://example.com$uri$is_args$args;
   }
}

Note that "example.com" is only used for this example and later I will restrict the request to be sent only from localhost.

This works just fine, as long as the server behind the "proxy_pass" url uses a valid SSL certificate signed by a well known CA Authority (which root certificate somehow used by nginx).

But I have the problem that I have to use a custom self-signed SSL client Certificate on the nginx-side. Does somebody know how to install this self-signed certificate to nginx?

Jakob

Posted 2015-02-26T07:56:37.147

Reputation: 171

Did you make this work? I tried your and similar configuration, but anyway client can't connect due to server doesn't at all listen the port specified. Only this server directive doesn't work. But nginx starts and listen to another ports specified in config. – 4xy – 2018-05-19T14:04:47.933

Answers

14

nginx allows usage of self-signed certificates by default:

Syntax:     proxy_ssl_verify on | off;
Default:    proxy_ssl_verify off;
Context:    stream, server
Enables or disables verification of the proxied server certificate.

remove the proxy_ssl_verify directive or set it to off.
Read more about it here:
https://www.nginx.com/resources/admin-guide/nginx-tcp-ssl-upstreams/
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_verify

unNamed

Posted 2015-02-26T07:56:37.147

Reputation: 371

Asked: 2015-02-26T07:56:37.147

Viewed: 21 798 times

Active: 2017-03-10T07:36:31.657