Join Log in
Score:1
Constantin avatar Server

Use NGINX as a proxy to terminate SSL and forward request to target with HTTP

cn flag
Constantin

Assumptions

  • Client requests target websites using HTTPS
  • NGINX server is passed as HTTP proxy for said requests
  • Client and NGINX server can share an SSL certificate

Objective

Allow NGINX to decrypt the request and forward it via HTTP to the end target.

Conclusion

Given that this is possible, what is the technique called and how is it implemented in NGINX?

292
0 + 0
ssl
Orphans avatar
cn flag
Orphans
It is called ReverseProxy - there is quite alot of info about it out there
0
Reply
Constantin avatar
cn flag
Constantin
That's really not enough. what I'm trying to achieve is MITM / Traffic Interception
0
Reply
Ginnungagap avatar
gu flag
Ginnungagap
A MitM is little more than an illegitimate reverse proxy, so @Orphans' comment is on point and exactly what you're describing.
0
Reply
Ginnungagap avatar
gu flag
Ginnungagap
Or you're looking for a TLS capable proxy in which case NGINX isn't the right tool and product recommendations are off-topic.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.