i’ve my apache webserver with multiple sites on an ubuntu (16.04) host and i’ve my varnish with ngingx (for https) on another host (CentOS 6.5).
is it possible to bypass certificates from apache webserver (remote host) to ngingx?
what is the best way to do this?
on what host should the certificates be installed?
It would seem that NGINX is handling all the HTTPS, so the certs should go there.
If you mean to transfer them from one server to the other, yes, that should be possible.
But it may be easier to just let nginx get new certs.
That said, nginx would most likely also need to handle the http connections - you could use it as a reverse proxy for both http and https.
Or you could just redirect the http acme challenge requests to https.
Generally speaking, yes, one has the content for the sites and needs all their names; and the other needs to properly proxy to the individual sites and needs all their names as well (and certs to encrypt them with).