I am currently using Lighttpd as a proxy to add HTTPS encryption to an application that is not HTTPS capable.
For that I am using the following configuration:
    # Listen to port 443
    $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        include "ssl-params.conf"
        proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => 80 ) ) )
        setenv.add-request-header = (
            "X-Forwarded-Proto" => "https",
            "X-Forwarded-Host" => "hardcoded.domain.com",
            "X-Forwarded-Port" => "443"
        )
        # Set Error/Log
        server.errorlog = "/var/log/lighttpd/error.log"
    }
This configuration works except for one thing: I have to hard-code the value for X-Forwarded-Host. That was not a problem until recently, but now I have multiple domains pointing to the same proxy and need to forward the correct domain name.
Is there any way to extract the host from the incoming HTTPS connection to feed the correct value to X-Forwarded-Host?
lighttpd provides the host in the X-Host request header to the backend instead of using X-Forwarded-Host.
FYI: according to https://redmine.lighttpd.net/issues/418, lighttpd is planning (in the future) to implement the Forwarded HTTP Extension (https://www.rfc-editor.org/rfc/rfc7239).
BTW, lighttpd also already adds X-Forwarded-Proto in proxied requests.
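
A backend-side sketch of consuming the X-Host and X-Forwarded-Proto headers mentioned above, added here as an example and not part of the original answer or of lighttpd. It assumes the proxy connects from loopback, as in the question's configuration; the domain allowlist and the `external_origin` helper are hypothetical.

```python
import re

# Assumption: lighttpd runs on the same machine and connects over loopback.
TRUSTED_PROXIES = {"127.0.0.1", "::1"}
# Constructed sample domains; replace with the names that point at the proxy.
ALLOWED_HOSTS = {"example.com", "app.example.net"}

# Hostname with an optional port; anything else (commas, spaces) is rejected.
_HOST_RE = re.compile(r"([a-z0-9.-]+)(?::\d{1,5})?")


def external_origin(peer_ip, headers):
    """Return (scheme, host) as seen by the client, or None if not acceptable."""
    h = {k.lower(): v for k, v in headers.items()}
    if peer_ip in TRUSTED_PROXIES:
        # Forwarding headers are honoured only when the proxy is the peer.
        raw = h.get("x-host") or h.get("x-forwarded-host") or h.get("host", "")
        scheme = h.get("x-forwarded-proto", "http").lower()
    else:
        # Direct connection: a client can set these headers itself, so ignore them.
        raw = h.get("host", "")
        scheme = "http"
    m = _HOST_RE.fullmatch(raw.strip().lower())
    if m is None or scheme not in ("http", "https"):
        return None
    host = m.group(1).rstrip(".")
    # Never reflect an unknown host into redirects, links or cookies.
    if host not in ALLOWED_HOSTS:
        return None
    return scheme, host


if __name__ == "__main__":
    # Constructed request as the backend would see it behind the proxy.
    proxied = {"Host": "127.0.0.1", "X-Host": "example.com",
               "X-Forwarded-Proto": "https"}
    print(external_origin("127.0.0.1", proxied))
```

Checking the result against an allowlist keeps a spoofed or unexpected host name out of generated URLs even if a forwarding header reaches the backend unfiltered.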