Forwarding ssl certificate to proxied server

0
votes

Is it possible to forward ssl certificate from application server https://example.com to Wordpress server and how to set Nginx and Wordpress for that? I've tried numerous settings, but without success. My idea was to proxy https://example.com/blog to Wordpress server, so that blog is on the same domain but I was unable to put that idea into working solution. My desired end result is example.com and example.com/blog with example.com certificate. My assumption is because they are part of the same domain that it should work. I can post conf files if needed. I have certificate for www.example.com and not a wildcard certificate.

Thanks in advance. Cheers

1
sslnginxssl-certificate
Forwarding a server certificate is pointless without also forwarding its private key, and you should never even contemplate doing that.user207421

1 Answers

0
votes

A proxy server is a "man in the middle" (mitm), and mitm is exactly what SSL protects against. Normally, the client talks directly to the server, and the client is able to verify the authenticity as a result of the the SSL handshakes. If you have a proxy in between, the client will be talking to your proxy server, and your proxy server will be talking to the real server. This works just fine, but the client will not be able to verify that it's actually connecting to the server you are proxying - the SSL handshake cannot be proxied, so to speak.

In your case, it seems like this should work just fine, as you serve example.com and example.com/blog from the same nginx, which has SSL certificates for example.com. So assuming you're setting up nginx to talk to https://whatever.wordpress.com, then that will work just fine. The only thing that won't "work" is for the end user to be able to verify that they're talking to wordpress.com. And that seems to me like it would be no problem at all.