HTTP Reverse Proxy
Application layer, cant present proxy destination certificate cause TLS handshake already being done at host
apache can only do HTTP reverse proxy
TCP/IP proxy pass
reverse proxy tcp packet, will present server certificate at destination instead of host,
Nginx can do it, go can do it
Nginx:
stream {
map $ssl_preread_server_name $target {
example.com 10.0.0.12:443; # Server B
default 10.0.0.11:443; # Server A
}
server {
listen 443;
proxy_pass $target;
ssl_preread on;
}
}
No comments:
Post a Comment