Is there any way where we can configure nginx to only verify the root of the
proxied HTTPS server (upstream server) certificate and to skip the host name
(or domain name) verification?
As I understand, proxy_ssl_verify directive can be used to completely
enable/disable the verification of proxied
Hi,
According to the documentation
(http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_verify)
the directive "proxy_ssl_verify" is used to enable or disabled the
verification of the proxied HTTPS server certificate. But it doesn't talk
about what all different types of validations
Thanks for the pointers.
For backend/upstream servers does they translate to the below two
directives
For read :
proxy_read_timeout
For send:
proxy_send_timeout
Please correct me if I am wrong
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,281614,281618#msg-281618
___
Hi,
Is there any directive available in Nginx to set a timeout between two
successive receive or two successive send network input/output operations
during the HTTP request response phase?
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,281614,281614#msg-281614
___
Hi,
We are trying to configure TCP load balancing with TLS termination. But when
we try to access the URL, we could see the below error in the nginx error
and access logs
Nginx Error Log:
2018/07/04 07:16:45 [crit] 7944#0: *61 SSL_do_handshake() failed (SSL:
error:1407609B:SSL routines:SSL23_GET
Hi,
I have multiple upstream servers configured in an upstream block in my nginx
configuration.
upstream example2 {
server example2.service.example.com:8001;
server example1.service.example.com:8002;
}
server {
listen 80;
server_name example2.com;
location / {
proxy_set_header X-Forwar
Hi,
I have multiple upstream servers configured in an upstream block in my nginx
configuration.
upstream example2 {
server example2.service.example.com:8001;
server example1.service.example.com:8002;
}
server {
listen 80;
server_name example2.com;
location / {
proxy_set_h
Hi,
We have been trying to upgrade the Nginx binary on the fly by invoking USR2
signal to spawn a new set of master and worker processes with the new
configuration. The question I have is when this new master process is
spawned, after issuing USR2 signal to the existing or the old master
process,
Just one quick question. Does Nginx check if the upstream servers are
reachable via the specified protocol, during the reload process? If say, in
this case the upstreams are not accepting ssl connections, will the reload
fail?
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,277399,27741
I am trying to use nginx as a reverse proxy with upstream SSL. For this, I
am using the below directive in the nginx configuration file
proxy_pass https://;
where "" is another file which has the list of
upstream servers.
upstream {
server : weight=1;
keepalive 100;
}
With this configur
I am trying to use nginx as a reverse proxy with upstream SSL. For this, I
am using the below directive in the nginx configuration file
proxy_pass https://;
where "" is another file which has the list of
upstream servers.
upstream {
server
: weight=1;
Hi,
In one of the environment, we never tried to stop nginx. We see that the
nginx master process and worker processes are running, but the pid file goes
missing all of a sudden.
How can we explain that?
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,274425,274427#msg-274427
__
Hi,
In our environments we are intermittently facing an issue where the
nginx.pid file goes missing, due to which whenever we try to do a reload of
nginx, it fails saying "no pid file exists". Is there any known scenarios
due to which the nginx.pid file goes missing?
Does the nginx reload has any
Earlier, it says the pid file doesn't exist even though the master and
worker processes were running.
2017/05/12 15:35:41 [notice] 19042#0: signal process started
2017/05/12 15:35:41 [error] 19042#0: open() "/u01/data/logs/nginx.pid"
failed (2: No such file or directory)
Can the above issue ( wh
At times, the error logs say
2017/05/15 11:37:01 [notice] 9#0: signal process started
2017/05/15 11:37:02 [alert] 22030#0: sendmsg() failed (32: Broken pipe)
2017/05/15 11:37:02 [alert] 22030#0: sendmsg() failed (32: Broken pipe)
2017/05/15 11:37:04 [alert] 22030#0: sendmsg() failed (9: Bad fi
Hi Maxim,
This is what I could find in the error logs
2017/05/15 11:32:18 [notice] 21499#0: signal process started
2017/05/15 11:32:19 [alert] 22030#0: sendmsg() failed (88: Socket operation
on non-socket)
2017/05/15 11:32:19 [alert] 22030#0: sendmsg() failed (32: Broken pipe)
2017/05/15 11:32:19
I am facing an issue where once I issued a reload to the NGinX binary, few
of the older worker processes are not dying. They still remain orphaned.
This is the configuration before issuing a reload :
[poduser@ucfc2z3a-1582-lb8-nginx1 logs]$ ps -ef | grep nginx
poduser 12540 22030 0 06:39 ?
I have an upstream block as follows
upstream sample{
server abc1.example.com down;
server abd2.example.com down;
}
Currently I get a 502 error. In this special case where I receive a 502 and
all upstream servers are down I would like a receive a specific error page
as temporarily unavaila
We have a persistent connection to Nginx on which we are issuing https
requests. Now when we do a reload, the persistent connections (the requests
which are already accepted) are failing as soon as the reload was issued.
Those connections are being dropped. Is this the expected behavior?
In the N
Hi All,
When we issue a reload to Nginx binary ( -s reload), what
are the steps involved inthe spawning of new set of worker processes?
Is it something like, while the older worker processes are still running or
are serving in flight requests, Nginx spawns the newer worker processes and
then bri
Thank Sergey, for you response.
I have one more question. If I have multiple upstream server host names in
the upstream server block, then how can I specify the specific upstream
server host name to which the request is being proxied, in the
proxy_ssl_name directive?
Posted at Nginx Forum:
http
Thank Sergey, for you response.
I have one more question. If I have multiple upstream server host names in
the upstream server block, then how can I specify the specific upstream
server host name to which the request is being proxied, in the
proxy_ssl_name directive?
Posted at Nginx Forum:
https
I am trying to implement HTTPS protocol communication at every layer of a
proxying path. My proxying path is from client to load balancer (nginx) and
then from nginx to the upstream server.
I am facing a problem when the request is proxied from nginx to the upstream
server.
I am getting the fol
23 matches
Mail list logo
