Unable to reverse proxy requests to Nifi running in the backend using client auth mechanism
Francis Daly
francis at daoine.org
Sat Dec 26 18:45:34 UTC 2020
On Mon, Dec 21, 2020 at 06:48:54AM -0500, balu wrote:
Hi there,
the error log says:
> 2020/12/21 11:46:45 [info] 14165#0: *6 client SSL certificate verify error:
> (2:unable to get issuer certificate) while reading client request headers,
> client: 49.207.211.47, server: nifi-test-nginx.insights.io, request: "GET
> /favicon.ico HTTP/1.1", host: "nifi-test-nginx.insights.io", referrer:
> "https://nifi-test-nginx.insights.io/nifi/?processGroupId=root&componentIds=87a087ca-0175-1000-ca56-1d437d733fb0"
that nginx failed to verify the presented client certificate.
You do have
> ssl_verify_client optional_no_ca;
in the provided server{} block, which includes
> server_name nifi-test-nginx.insights.np.vocera.io;
while the error log above refers to a different "server" and "host" value.
Is there any chance that you have more than one port-443 listener
configured in this nginx, and this request is being handled by something
other than the config that you showed?
Cheers,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list