tianon
commented
5 years ago It's just NGINX, so I'd imagine the only possible way to accomplish this is by messing with the listen line in the stream block that handles port 443 traffic:
https://github.com/tianon/squignix/blob/4b70ae523a29873855d471ac2856614a40fb9bf0/stream.conf#L16
That being said, this might not actually be possible, since the NGINX configuration isn't actually doing full MitM on the TLS connection (since that would break the trust chain and thus the usage of the proxy) and is only inspecting SNI to proxy the entire stream verbatim to the appropriate remote server.
Also, this isn't something I intend to do in the image itself (nor do I have a use case for), so the best I can do from here is wish you luck!
Hi, How to force http version 1.1 or http2 on port 443