Skip to content

Instantly share code, notes, and snippets.

@waddles

waddles/README.md

Created November 4, 2022 02:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save waddles/5a14e716da02568ac1021e919a305057 to your computer and use it in GitHub Desktop.
Save waddles/5a14e716da02568ac1021e919a305057 to your computer and use it in GitHub Desktop.
Download ZIP
Nginx reverse proxy to legacy device running TLSv1 server
Raw
README.md

Nginx reverse proxy to legacy server

Got an old legacy device that you can't upgrade?

Maybe an end-of-life network management card in your UPS or an old out-of-band management card that only supports TLS 1.0?

Modern browsers have deprecated support for older TLS versions so connecting to a server that only supports TLS 1.0 will not work.

This simple nginx config allows you to run a local nginx server on a non-privileged port without TLS and nginx will handle the encrypted connection to the legacy server.

nginx -t -c $(pwd)/nginx.conf
nginx -c $(pwd)/nginx.conf

Then browse to http://localhost:3000.

When done, hit ctrl-C to stop nginx.

Raw
nginx.conf
daemon off;
events {}
http{
server {
listen 127.0.0.1:3000 default_server;
location / {
proxy_pass https://10.0.0.1:443;
proxy_ssl_protocols TLSv1;
proxy_http_version 1.0;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment