发表新帖
发表新帖

Create a Reverse Proxy in NodeJS that can handle multiple secure domains

后端 未结
关注
6 1290
猫巷女王i
猫巷女王i 2021-02-04 17:09

I\'m trying to create a reverse proxy in NodeJS. But I keep running the issue that in that I can only serve one one set of cert/key pair on the same port(443), even though I wa

相关标签:
6条回答
  • 甜味超标
    2021-02-04 17:18

    How about creating the SSL servers on different ports and using node-http-proxy as a server on 443 to relay the request based on domain.

    0 讨论(0)
  • Happy的楠姐
    2021-02-04 17:19

    Redbird actually does this very gracefully and not too hard to configure either.

    https://github.com/OptimalBits/redbird

    0 讨论(0)
  • 予麋鹿
    2021-02-04 17:19

    Bouncy is a good library to do this and has an example of what you are needing.

    As Steffen Ullrich says it will depend on the browser support for it

    0 讨论(0)
  • 孤街浪徒
    2021-02-04 17:19

    You stated you don't want to use nginx for that, and I don't understand why. You can just setup multiple locations for your nginx. Have each of them listen to different hostnames and all on port 443. Give all of them a proxypass to your nodejs server. To my understanding, that serves all of your requirements and is state of the art.

    0 讨论(0)
  • 不思量自难忘°
    2021-02-04 17:21

    Let me dynamically server SSL certificates via domain header

    There is no domain header so I guess you mean the Host header in the HTTP request. But, this will not work because

    • HTTPS is HTTP encapsulated inside SSL
    • therefore you first have to do your SSL layer (e.g. SSL handshake, which requires the certificates), then comes the HTTP layer
    • but the Host header is inside the HTTP layer :(

    In former times you would need to have a single IP address for each SSL certificate. Current browsers do support SNI (server name indication), which sends the expected target host already inside the SSL layer. It looks like node.js does support this, look for SNICallback. But, beware that there are still enough libraries out there, which either don't support SNI on the client side at all or where one needs to use it explicitly. But, as long you only want to support browsers this should be ok.

    0 讨论(0)
  • 温柔的废话
    2021-02-04 17:32

    Here is the solution you might be looking at, I found it very useful for my implementation though you will need to do huge customization to handle domains

    node-http-rev proxy: https://github.com/nodejitsu/node-http-proxy

    0 讨论(0)
 看不清?
提交回复
热议问题