reverse proxy with mTLS does not send client certificate to upstream
Andrej van der Zee
andrejvanderzee at gmail.com
Thu Oct 27 11:56:25 UTC 2022
Dear,
I am trying to set up a TLS auth reverse proxy with proxy_ssl_certificate
and proxy_ssl_certificate_key like below:
http {
    server {
        listen 8080;
        resolver 8.8.8.8;
        location ~ /mimir/(.*)$ {
            proxy_pass https://<upstream-domain>/$1;
            proxy_ssl_certificate_key /etc/nginx/tls-auth/mimir/tls.key;
            proxy_ssl_certificate /etc/nginx/tls-auth/mimir/tls.crt;
        }
    }
}
Somehow the nginx reverse proxy does not send the configured client
certificate, resulting in the error below from my upstream server:
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx</center>
</body>
</html>
What am I missing?
Best regards,
Andrej