In passthrough https traffic, OpenLiteSpeed option "useIpInProxyHeader 1" does not work

#1
I have a single Nginx reverse proxy that streams, without terminating SSL, incoming https traffic to a backend OpenLiteSpeed webserver. Because the Nginx reverse proxy does not terminate (or intercept) SSL packets, and instead directly passes to the backend OpenLiteSpeed server, all SSL validation and SSL certificates reside on the backend OpenLiteSpeed Server. The Nginx reverse proxy does not speak SSL; it only checks SNI hostname and forwards to the backend OpenLiteSpeed server.

OpenLiteSpeed on the backend server cannot see real client IP, regardless of useIpInProxyHeader setting.

If I use Nginx for backend server, instead of OpenLiteSpeed, the webserver can see the real client IP.

I am guessing that OpenLiteSpeed does not understand proxy_protocol (supported by Nginx reverse proxy).
 
Top