Two TLS/SSL sessions are set up on the client-proxy-server link. Man-in-the-Middle (MITM) Proxy: The proxy server decrypts HTTPS traffic, uses a self-signed certificate to complete the TLS/SSL handshake with the client, and completes normal TLS interaction with the target server.This article describes the NGINX proxy mode pertaining to this type. The client performs direct TLS/SSL interaction with the target server. It does not decrypt or perceive the specific content of its proxy traffic. The proxy server specifically transmits the HTTPS traffic over TCP transparently. Tunnel Proxy: This is a proxy that transparently transmits traffic.For example, a Web Gateway device on an enterprise network is a transparent proxy.Ĭlassification Basis: Whether the Proxy Encrypts HTTPS The "proxy" role is transparent to the client. Transparent Proxy: There is no need for the proxy settings on the client.For example, when you specify the IP address and port 3128 of the Squid server on the client. Common Proxy: Here, the proxy address and port are manually configured in the browser or system environment variables on the client.Classification Basis: Whether the Proxy is Transparent to the Client To begin with, let's take a closer look at the classification of the forward proxy. Classification of HTTP/HTTPS Forward Proxy This article describes two methods for using NGINX as the forward proxy for HTTPS traffic, as well as their application scenarios and principal problems. The forward proxy itself is not complex, the key issue it addresses is how to encrypt HTTPS traffic. However, with continuous development, NGINX also serves as one of the options to implement the forward proxy. NGINX was initially designed as a reverse proxy server.
0 kommentar(er)
