Best practice for SSL passthrough?

Lars Jørgensen lajo at
Fri Jun 17 15:23:28 CEST 2011

> We're actually a pretty big fan of running Nginx on port 443 for our SSL
> (so let Nginx encrypt all traffic), and let it talk to the backend port
> 80 (your varnish) as a proxy configuration.

Let me get this straight: HTTPS -> nginx -> HTTP -> Varnish -> HTTP -> Backend?

Is that how it works? That seems pretty neat because then I can cache https requests too. 

I don't know too much about ssl, but it seems to me the backend might be confused at getting regular http requests when it expects https? Or this might not be an issue?

> With Nginx you can pass some extra headers to your backend as well, so
> you can differentiate between HTTP and HTTPs traffic.

In what case would I want to do that?


More information about the varnish-misc mailing list