Comment

Comment on NGINX config for TLS passthrough with multiple services?

towerful@programming.dev ⁨9⁩ ⁨months⁩ ago

If you are forwarding to multiple services, TCP proxying isnt going to work.
The proxy server has to know where to send the connection, so it has to be protocol-aware. In this case, http/https is the protocol.

Luckily TLS/HTTPS has functionality for this without having to terminate encryption, called SNI.

Here is an article using SNI and nginx.
gist.github.com/…/c09dbab5e78bf76402966b13fa72b9d…

source

Sort:hotnew top

nutbutter@discuss.tchncs.de ⁨9⁩ ⁨months⁩ ago
Thanks. So, I just have to put this stream block in my nginx.conf file and everything will work? Do I still have to use reverse proxy for my existing WordPress sites? Or can they stay normally configured?

source
- towerful@programming.dev ⁨9⁩ ⁨months⁩ ago
  If they are running on the same server as nginx, then they will need to be proxied as well.
  Only 1 service can bind to a port. So if the webserver doing wordpress is bound to 80/443, nginx will not be able to acquire the port.
  Hence why reverse proxying. Nginx binds 80/443, then forwards to other services on arbitrary ports
  
  source