Question about X-Forwarded-Proto

[Alon-Hen-LS]

Hey all, im using nginx to terminate tls and sending through nginx all the possible forwarded-for headers

From the nginx i proxy pass to fabio on http,

My question is, will fabio change the forwarded-for-proto to http? Since it received the tarffic through http?

Since keycloak expects it to be found as https...
(It has the option to recognize that tls was terminated at reverse proxy level, but im afraid fabio might be hondering it?)

Thanks in advance!

[aaronhurt]

You can follow the full logic of the forwarded headers here: https://github.com/fabiolb/fabio/blob/master/proxy/http_headers.go#L36
Test cases with examples here: https://github.com/fabiolb/fabio/blob/master/proxy/http_headers_test.go

Additionally, Fabio is capable of handling TLS and has flexible configuration for TLS options including ciphers: https://fabiolb.net/ref/proxy.addr/