nginx reverse ssl proxy with multiple subdomains
Posted
by
BrianM
on Server Fault
See other posts from Server Fault
or by BrianM
Published on 2013-09-13T19:41:57Z
Indexed on
2013/10/31
3:58 UTC
Read the original article
Hit count: 460
I'm trying to locate a high level configuration example for my current situation. We have a wildcard SSL certificate for multiple subdomains which are on several internal IIS servers.
site1.example.com (X.X.X.194) -> IISServer01:8081
site2.example.com (X.X.X.194) -> IISServer01:8082
site3.example.com (X.X.X.194) -> IISServer02:8083
I am looking to handle the incoming SSL traffic through one server entry and then pass on the specific domain to the internal IIS application. It seems I have 2 options:
Code a location section for each subdomain (seems messy from the examples I have found)
Forward the unencrypted traffic back to the same nginx server configured with different server entries for each subdomain hostname. (At least this appears to be an option).
My ultimate goal is to consolidate much of our SSL traffic to go through nginx so we can use HAProxy to load balance servers.
Will approach #2 work within nginx if I properly setup the proxy_set_header entries?
I envision something along the lines of this within my final config file (using approach #2):
server {
listen Y.Y.Y.174:443; #Internally routed IP address
server_name *.example.com;
proxy_pass http://Y.Y.Y.174:8081;
}
server {
listen Y.Y.Y.174:8081;
server_name site1.example.com;
-- NORMAL CONFIG ENTRIES --
proxy_pass http://IISServer01:8081;
}
server {
listen Y.Y.Y.174:8081;
server_name site2.example.com;
-- NORMAL CONFIG ENTRIES --
proxy_pass http://IISServer01:8082;
}
server {
listen Y.Y.Y.174:8081;
server_name site3.example.com;
-- NORMAL CONFIG ENTRIES --
proxy_pass http://IISServer02:8083;
}
This seems like a way, but I'm not sure if it's the best way. Am I missing a simpler approach to this?
© Server Fault or respective owner