Proxy_Pass to another vhost on same machine

Maxim Dounin mdounin at
Tue Jun 10 12:03:48 UTC 2014


On Mon, Jun 09, 2014 at 01:53:11PM -0400, paulg1981 wrote:

> Hello,
> I am attempting to use with client certificate auth as a
> springboard for other sites on the same server. I am using client certs with
> my iphone (and other browsers) to skip the password auth and be more secure.
> The first two proxy_pass statements work fine (sickbeard and couchpotato)
> but the next (munin) gives the error 400 Bad Request No required SSL
> certificate was sent. If I put the address
> ( in my address bar it works fine? I don't
> understand why it is requesting the client cert for the subdomain that
> doesn't use client auth. The uses basic auth.

In no particular order:

- Make sure that "s" in the "https://tools..." isn't a typo and 
  you actually mean to use encrypted connection between nginx and 
  this backend.

- Make sure the "" https backend actually don't 
  have client cert auth switched on.  In particular, make sure 
  it's either uses separate ip:port, or you've enabled SNI in 
  nginx proxy (

> Secondly I want to access the from and
> not be prompted for the basic auth password. So I want to include the
> authorization in the proxying.

Instead of providing a password, you may consider configuring 
access from a fixed set of ip addresses, using the access module 
and "satisfy any", see for an example.

If you want nginx to send a password, you may do so by adding 
the Authorization header with proxy_set_header, see and

Maxim Dounin

More information about the nginx mailing list