1

I am in a situation where I need to proxy all requests to /mypath/ to external-site.com. In order for network requests to work on the server, I need to go through http://external-proxy.com. This works fine when I'm accessing http://external-site.com, however I can't force external-site.com to be loaded over https. Below is the nginx.conf I've tried.

location /mypath/ {
    proxy_pass       http://external-proxy.com:8080/;
    proxy_set_header Host external-site.com;

    # Trying to load https://external-site.com (instead of http)
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection "upgrade";
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   X-Real-IP $remote_addr;
    proxy_set_header   X-Scheme $scheme;
}

If you look at Nginx proxy_pass reverse proxying behind corporate firewall, this same question is asked in the comments:

That's good, but what if the destination protocol is HTTPS? I couldn't find a way to override that

Dehli
  • 111
  • 2

1 Answers1

0

It took me a while to see the dirty trick with http you used. But this won't work with https.

  1. The two upgrade config lines are solely for WebSockets support. Those are irrelevant here, they won't provide https to that external-proxy.
  2. You need to force nginx to use HTTP verb CONNECT underneath. I don't know how, but I see you are not doing it anywhere.
kubanczyk
  • 13,812
  • 5
  • 41
  • 55