Opened 4 years ago

Closed 4 years ago

#1951 closed enhancement (wontfix)

support stream tls termination protocol detection

Reported by: xqdoo00o@… Owned by:
Priority: major Milestone:
Component: nginx-module Version: 1.17.x
Keywords: Cc:
uname -a:
nginx -V: nginx/1.16.1


In haproxy I could use if HTTP after tls termination , but in nginx after stream tls termination, there is no Embedded Variables to show if it's http protocol.


    mode tcp
frontend tls-in
    bind *:443 tfo ssl crt /etc/ssl/private/aa.aa.pem
    tcp-request content accept if HTTP
    // how nginx could route request just like below ??
    use_backend httpback if HTTP
    default_backend customback


stream {
        upstream customback{
        upstream httpback{
        server {
                listen 443 ssl;
                //how to figure if it's http req.
                proxy_pass httpback;
                ssl_certificate /etc/cert/fullchain.cer;
                ssl_certificate_key /etc/cert/aa.aa.key;

Change History (3)

comment:1 by xeioex, 4 years ago

Hi xqdoo00o,
You may try stream js module (


js_include stream.js;
js_set $upstream upstream;
server {
  js_preread  preread;
  proxy_pass  $upstream;


var is_http = 0;

function preread(s) {
    s.on('upload', function (data, flags) {
        var n = data.indexOf('\r\n');
        if (n != -1 && data.substr(0, n - 1).endsWith("HTTP/1.")) {
            is_http = 1;
        if (data.length || flags.last) {

function upstream(s) {
    return is_http ? "httpback" : "customback";

comment:2 by xqdoo00o@…, 4 years ago

it does work,thanks!

comment:3 by Maxim Dounin, 4 years ago

Resolution: wontfix
Status: newclosed

Given that this is something that can be done using njs, and it is unclear if there is a strong demand for this feature to consider implementing this natively, closing this for now.

Note: See TracTickets for help on using tickets.