This is a configuration snippet that sets up nginx as a TLS-terminating reverse proxy for LDAPS hosted on Red Hat IDM (FreeIPA).

Client — ldaps://proxy.nginx.corp —> NGINX — ldaps://idm.corp —> IDM

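stream {
	# Select the IDM site from the SNI name the client presented.
	# TLS is terminated on this listener (listen ... ssl), so the SNI is
	# available as $ssl_server_name. $ssl_preread_server_name only exists
	# when ssl_preread is on and nginx does NOT terminate TLS; the original
	# "$ssl_preread_server" is not an nginx variable and would never match.
	map $ssl_server_name $name {
		idm-site1.corp.com idm_site1;
		idm-site2.corp.com idm_site2;
		idm-site3.corp.com idm_site3;
		# Deliberately no "default": an unknown or missing SNI leaves
		# $name empty, so the connection is not forwarded anywhere.
	}

	# One upstream group per IDM site; nginx balances across the pair.
	upstream idm_site1 {
		server idm1.corp.com:636;
		server idm2.corp.com:636;
	}

	upstream idm_site2 {
		server idm3.corp.com:636;
		server idm4.corp.com:636;
	}

	upstream idm_site3 {
		server idm5.corp.com:636;
		server idm6.corp.com:636;
	}

	server {
		# Client-facing LDAPS endpoint; the certificate must cover every
		# name listed in the map above (or be a wildcard for corp.com).
		listen 636 ssl;
		ssl_certificate /etc/ssl/certs/idm-site.crt;
		ssl_certificate_key /etc/ssl/private/idm-site.key;
		ssl_password_file /etc/nginx/ssl_password.txt;

		# Re-encrypt towards the IDM servers. As written the upstream
		# certificate is NOT validated, so this hop trusts the network.
		# To verify the IDM servers against the IPA CA, add:
		#   proxy_ssl_verify on;
		#   proxy_ssl_trusted_certificate <PATH-TO-IDM-CA-BUNDLE>;
		#   proxy_ssl_name <NAME-ON-IDM-SERVER-CERT>;
		proxy_ssl on;
		proxy_pass $name;
	}
}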