This will use the nginx SSl stream, and ssl_stream_preread modules
# chmod 777 /var/run
# mkdir /var/run/nginx
# chown -R www-data:www-data /var/run/nginx
# sudo -u www-data mkdir /etc/nginx/ssl
stream {
map $ssl_preread_server_name $backend {
tls.stream.nginx unix:/var/run/nginx/tls_stream.sock;
default 127.0.0.1:50001;
}
server {
listen 1234;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass 127.0.0.1:12345;
}
server {
listen 4430;
ssl_preread on;
proxy_pass $backend;
}
server {
listen unix:/var/run/nginx/tls_stream.sock ssl;
ssl_protocols TLSv1.2;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass 127.0.0.1:23456;
}
}
1 apt update && apt install nginx
2 cd /etc/nginx/
3 ls
4 grep error_log ./(*
5 grep error_log ./*
6 apt install nano
7 nano nginx.conf
8 nginx --help
9 nginx -h
10 nginx -t
11 nginx
12 ps auxw
13 pkill nginx
14 nano nginx.conf
15 nginx -t
16 nginx
17 netstat -anp
18 apt install net-tools
19 netstat -anp
20 pkill nginx
21 nano nginx.conf
22 nginx
23 nc -vn 127.0.0.1 12345
24 nginx -h
25 nginx -v
26 nginx -V
27 nginx -V | tr ' ' '\n' | grep ssl
28 nginx -V 2>&1 | tr ' ' '\n' | grep ssl
29 nano nginx.conf
30 pkill nginx
31 nginx -t
32 pkill nginx
33 nano nginx.conf
34 nginx -t
35 nano nginx.conf
36 nginx -t
37 ls
38 mkdir ssl
39 cd ssl/
40 openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
41 apt install openssl
42 openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
43 mv key.pem key.enc
44 openssl rsa -in key.en -out key.pem
45 openssl rsa -in key.enc -out key.pem
46 cd ..
47 nginx -t
48 nginx
49 netstat -anp
50 openssl s_client -connect 127.0.0.1:2345 -servername tls.stream.nginx
51 pkill nginx
52 nano nginx.conf
53 nginx -t
54 nginx
55 openssl s_client -connect 127.0.0.1:2345 -servername tls2.stream.nginx
56 openssl s_client -connect 127.0.0.1:2345 -servername tls.stream.nginx
57 pkill nginx
58 nano nginx.conf
59 ps
60 spa uxw
61 ps auxw
62 nginx -t
63 nginx
64 openssl s_client -connect 127.0.0.1:2345 -servername tls.stream.nginx
65 pkill nginx
66 nano nginx.conf
67 nginx -ty
68 nginx -t
69 nginx
70 netstat -anp
71 nginx
72 pkill nginx
73 nginx
74 openssl s_client -connect 127.0.0.1:2345 -servername tls.stream.nginx
75 openssl s_client -connect 127.0.0.1:2345 -servername tls2.stream.nginx
76 pkill nginx
77 nano nginx.conf
78 pkill nginx
79 nginx
80 openssl s_client -connect 127.0.0.1:2345 -servername tls2.stream.nginx
81 openssl s_client -connect 127.0.0.1:2345 -servername tls.stream.nginx
82 openssl -version
83 pkill nginx
84 nano nginx.conf
85 nginx
86 nano nginx.conf
87 nginx
88 netstat -anp
89 openssl s_client -connect 127.0.0.1:443 -servername tls2.stream.nginx
90 openssl s_client -connect 127.0.0.1:443 -servername tls.stream.nginx
91 pkill nginx
92 nano nginx.conf
93 nginx
94 openssl s_client -connect 127.0.0.1:443 -servername tls.stream.nginx
95 nano nginx.conf
96 pkill nginx
97 nginx
98 openssl s_client -connect 127.0.0.1:443 -servername tls.stream.nginx
99 pkill nginx
100 nano nginx.conf
101 nginx
102 openssl s_client -connect 127.0.0.1:443 -servername tls.stream.nginx
103 ls
104 cat nginx.conf
105 \
106 pkill nginx
107 nano nginx.conf
108 sudo -u www-data nginx
109 apt install sudo
110 sudo -u www-data nginx
111 sudo chown -R www-data:www-data /etc/nginx/ssl
112 sudo -u www-data nginx
113 stat /var/run
114 mount
115 mkdir /var/run/nginx
116 sudo chown -R www-data:www-data /var/run/nginx/
117 sudo -u www-data nginx
118 nano nginx.conf
119 sudo -u www-data nginx
120 nano nginx.conf
121 sudo -u www-data nginx
122 pkill nginx
123 sudo -u www-data nginx
124 netstat -anp
125 sudo rm /var/run/nginx/ssh_stream.sock
126 sudo -u www-data nginx
127 sudo chmod 777 /var/run
128 sudo -u www-data nginx
129 sudo rm /var/run/nginx/ssh_stream.sock
130 sudo -u www-data nginx
131 openssl req -help
132 cat nginx.conf