-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sadly, I think you'll find that nginx doesn't do HTTPS forward proxying (i.e support CONNECT).
http://forum.nginx.org/read.php?2,15124,15256#msg-15256 Craig Miskell On Tue, 02 Sep 2014 11:08:34 -0700 Starchy <star...@gmail.com> wrote: > Yes, nginx should be able to handle all of these use cases, and reload the > config gracefully like haproxy. It also has some other useful features you > might or might not care about, like serving serving static content directly > and doing its own optional caching (although I prefer to pair it with > varnish). It purports to be a full-featured web server, but in general what > it offers is speed vs apache's true full-featuredness. > > On 09/02/2014 07:59 AM, Tom Limoncelli wrote: > > We use haproxy, which does all that, including the ability to reload > > the config gracefully > > (http://www.mgoff.in/2010/04/18/haproxy-reloading-your-config-with-minimal-service-impact/). > > > > I hear good things about nginx. > > > > Tom > > > > On Mon, Sep 1, 2014 at 10:45 PM, Geoff Halprin <ge...@sysadmin.com.au> > > wrote: > > > > > > I'm after recommendations for a Forward HTTP / HTTPS proxy for use in an > > > API > > > gateway. > > > > > > It will need to support: > > > · Non-authenticated and authenticated access to downstream proxies. > > > · Direct connection support (duh)... > > > · Non-Caching. > > > · High concurrent flow capability. > > > · Able to support an ordered mapping of either (protocol, host or host > > > suffix, port), (host or host suffix, port) or (host or host suffix) to > > > next > > > hop-proxy or direct connection. Wildcard support for host portions. > > > Examples > > > below. > > > · Ideally able to update rules without shutting down the proxy; loss of > > > current requests... > > > > > > Examples: > > > > > > http://www.outside.dmz:8080 ==> CONNECT proxy1.local:8880 > > > https://secure.com ==> CONNECT user:pw@proxy2.local:80 > > > https://www.secure.com ==> DIRECT (DNS resolution of www.secure.com) > > > http://api.other.org ==> DIRECT (DNS resolution of api.other.org) > > > DEFAULT => <direct> > > > > > > Warm regards, > > > > > > Geoff Halprin > > > > > > _______________________________________________ > > > Tech mailing list > > > Tech@lists.lopsa.org > > > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > > > This list provided by the League of Professional System Administrators > > > http://lopsa.org/ > > > > > > > > > > > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUBjTfAAoJENezkH+p+mMX3K8P/2iiRmxHe2r/5zid4A2w6jxq yqOXENQcKd9khe4TyYhoxjHpSItXlRif1R9loZYrWBFPxRid+1ABxFJXsTbS51+j nwfhjTwqC7nnIvAocDqsHtmrUnUyYRIK04b/NV9gJwaIE/i+pVl4fV7ZMjT2u2hf 5kP/8yHJEdabunTYMIuu6+bpA5Jk8COyGd2mGUwO/fmFwt7N1Ri8cbQdEmPu7STx z0rZwoHew5x8SP3FivOKNaWNcF4+4NV0ioFjR+qEW+7iPDlh2pZsevH2awKEnmLO Gga8loH8ZFstLogvjCaW42UACe3KltRwJt4hNXjNRk8J7jI9s3FNxJC1DJ+k8Tf3 Fiy4UbDkGgH9IcXEbAHQQwTCBoJXYTWey2JGm+Gjc2MRHtGRxgXbg3/ZCmwF5nFw qYoJ8SrqaTqt2rgxtpTGIPznbxqeLjH5T7epXNeOrvGNOv3bFSxCkbvgEzLI6aqi PCHKtDXqEWdtbhSWV+Vb22nwt5Kq2GK7dCl5crunL09n5rjPc+NFvyY+R2JFVVIc p5vRQjZFL1Xfy0nitJgc3/6b6rslhBqQZ9zNShSiCSv2B+apMqzKYS/RQrWX4BS1 DezyVs6rLuUQbSo4IsImaH3sHuoqQaT+8Bjxiv+ImJixZ+YQQ4WNnXCnwSLQNJiX Vl34kRVoEHu3dptx5Mld =Xqqf -----END PGP SIGNATURE----- _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
