Nginx as https proxy
There is a misunderstanding here. There are two types of http proxy that are two completely different animals: a reverse proxy and a forward proxy. Don't mix them.
Forward proxy is visible for a client OS (e.g. export https_proxy
) or a browser. Client side knows it needs to talk slightly differently and a forward proxy server doesn't behave like a regular webserver.
Reverse proxy is almost a normal webserver and the behavior is invisible to client side. An nginx example is proxy_pass
. There are some dirty tricks to employ a reverse proxy as a forward http proxy in a limited way, but it doesn't work at all as a forward https proxy because of the CONNECT verb.
So a forward proxy would be better named a "client-side proxy". A reverse proxy would be a "server-side proxy". (Forward/reverse proxy is a horrible nomenclature in my opinion.)
Don't use nginx as a forward proxy. It's intended to be used as a regular webserver or a reverse proxy.
Pavel Nazarov
Updated on September 18, 2022Comments
-
Pavel Nazarov over 1 year
I need to setup nginx as https proxy, but this did not work:
$ export https_proxy="http://127.0.0.1:8081" $ curl https://example.com curl: (56) Received HTTP code 400 from proxy after CONNECT
My nginx.conf:
server { listen 8081; location / { proxy_pass http://some.proxy.com:3128; proxy_set_header Host $http_host; } }
-
Pavel Nazarov about 6 yearsThanks for an explanation! Maybe you can guide me to a proper solution - I need proxy with vhost and auth support (that's why my first thought was about nginx). Squid? Anything else?