With netscaler, I can redirect all traffic SSL to specific host which depending their subdomains.
Example:
+-------------+
+-------> |webserver 443|
| +-------------+
+----------+ +--------------+ www.example.com:443
| internet | +----> | reverseproxy |
+----------+ +--------------+
| +-----------+
+-------> |openvpn 443|
+-----------+
vpn.example.com:443
The traffic is just redirected and it not unencrypted because we have not configure any certificate on Netscaler. We have just one certificate "wildcard" for the reverse proxy.
I want to say that I have not configured NetScaler. So, it is possible I'm wrong on the configuration.
Question:
- I would to know if it is possible to do the same with an opensource software like Nginx or Squid?
- How does it work this configuration?
Best Answer
This is fairly trivial to do on nginx. Define a server for the domain (or each domain), set up locations that tell it what maps to where, and use a proxy_pass to pass the request through to the correct back end server. I believe this is exactly what nginx is designed for.
In this case since one is on a subdomain you define two servers and probably only one location per server, one that passes everything through. If you want to serve static resources directly from nginx you can, which may be slightly faster, but could be more effort.
Read up on Nginx as a reverse proxy.