Given: a host with two virtual machines, 1 external ip and 2 domain names. on virtual https. The traffic goes first to the host, and from there it is already scattered around the virtual servers, depending on which domain you go to. Proxy pass works correctly if there is no ssl on the virtual machines. It is necessary that it would work with ssl. Questions:

  • How to do this without connecting certificates on the host and disconnecting on virtual? Can this nginx? If so, how?
  • Maybe there is an opportunity to proxy all traffic through it?

Hosts "on the line", bypassing the proxy work correctly. I tried the Stream module, but I could not win it. Config and information about nginx are available at the link: https://pastebin.com/UP7F3hMM

Logs are clean. The browser gives the correct address and error "ERR_SSL_PROTOCOL_ERROR" The option "disable ssl on virtual machines and start on the host" is not appropriate.

  • nginx.org/ru/docs/stream/ngx_stream_ssl_preread_module.html everything seems simple and clear - Alexey Ten
  • If you do not want to terminate ssl on a host, then you have only one option - stream. http-proxy will not work by definition - Alexey Ten
  • @AlexeyTen, tried it, but did not figure out how to work with this module. If there are no other options, then I will try to start everything with him. Thank. - Nikolay Stepanchenko

1 answer 1

The question is solved after all by the failure of SSL on virtualkah.