how to setup nginx as reverse proxy + tomcat ssl
mdounin at mdounin.ru
Wed Mar 31 12:48:07 MSD 2010
On Wed, Mar 31, 2010 at 04:09:42AM -0400, kaiyuan wrote:
> My questions are
> Can I have an SSL from Client to Nginx and another between
> Nginx and Tomcat ，nginx verify the client certificate,and
> also transfer the client certificate to tomcat,tomcat also
> verify the client certificate.
> if nginx can do this,how to setup.Can someboby give me an
> correct nginx.conf for this?
This is not possible. To "transfer" client certificate one have
to be able to access certificate's private key. Moreover, nginx
currently doesn't support using client certificates in proxy
connections at all.
You may want to pass results of client cert verification
($ssl_client_s_dn and so on) from nginx to tomcat in http headers
instead. See here for details:
More information about the nginx