Looking for a solution for Nginx forward proxy HTTPS request

Question

The application server (Tomcat) and the proxy server (Nginx) are on different servers, and the application server cannot directly access the external network. HTTP requests to the external network can only be sent through Nginx. Forward proxyGo out

For example, use apache.http.client

/** 正向代理地址 */
private static HttpHost forwardProxy = new HttpHost(host, forwardPort, forwardSchema);
HttpClientBuilder builder = HttpClients.custom().setDefaultRequestConfig(globalConfig).setKeepAliveStrategy(keepAliveStrat);
if (isForward) {
    builder.setProxy(forwardProxy);
}
this.httpClient = builder.build();

    server {
        listen 8092;
        location / {
            # 配置 DNS 解析 IP 地址，以及超时时间，
            resolver 219.149.6.99 114.114.114.114;
            resolver_timeout 30s;
            proxy_pass $scheme://$host$request_uri;
            # proxy_set_header 部分的配置，是为了解决如果 URL 中带 "."（点）后 Nginx 503 错误
            proxy_set_header Host $http_host;
            # 配置缓存大小，关闭磁盘缓存读写减少I/O，以及代理连接超时时间
            proxy_buffers 4 256k;
            proxy_max_temp_file_size 0;
            proxy_connect_timeout 30;
            # 配置代理服务器 Http 状态缓存时间
            proxy_cache_valid 200 302 10m;
            proxy_cache_valid 301 1h;
            proxy_cache_valid any 1m;
        }
        access_log logs/proxy-$host-aceess.log main;
        error_log  logs/proxy-$host-error.log;
    }

The above method does not seem to work for HTTPS requests. Nginx does not support forward proxy HTTPS without replying. I just want to evaluate the solution of this scenario.

Answer 1

Your proxy here is $scheme://$host$request_uri; Why do you need to use a variable? Isn’t this variable from the server where nginx is located? It feels very strange here

Answer 2

No one has any ideas?