Nginx as https proxy

nginx proxy https privoxy

5,104

There is a misunderstanding here. There are two types of http proxy that are two completely different animals: a reverse proxy and a forward proxy. Don't mix them.

Forward proxy is visible for a client OS (e.g. export https_proxy) or a browser. Client side knows it needs to talk slightly differently and a forward proxy server doesn't behave like a regular webserver.

Reverse proxy is almost a normal webserver and the behavior is invisible to client side. An nginx example is proxy_pass. There are some dirty tricks to employ a reverse proxy as a forward http proxy in a limited way, but it doesn't work at all as a forward https proxy because of the CONNECT verb.

So a forward proxy would be better named a "client-side proxy". A reverse proxy would be a "server-side proxy". (Forward/reverse proxy is a horrible nomenclature in my opinion.)

Don't use nginx as a forward proxy. It's intended to be used as a regular webserver or a reverse proxy.

5,104

Author by

Pavel Nazarov

Updated on September 18, 2022

Comments

Pavel Nazarov over 1 year

I need to setup nginx as https proxy, but this did not work:

$ export https_proxy="http://127.0.0.1:8081"
$ curl https://example.com
curl: (56) Received HTTP code 400 from proxy after CONNECT

My nginx.conf:

server {
    listen          8081;
    location / {
            proxy_pass              http://some.proxy.com:3128;
            proxy_set_header        Host            $http_host;
    }
}

Pavel Nazarov about 6 years

Thanks for an explanation! Maybe you can guide me to a proper solution - I need proxy with vhost and auth support (that's why my first thought was about nginx). Squid? Anything else?