maybe if you're interested in the solution:
theres really nothing helpful in this logs.
After doing a traffic capture together with the backend provider, following was figured out.
Our Client Cert was signed by an intermediate certificate. The Backend checked against the root ca certificat.
So we need to send the intermediate certificat together with the client cert in a file included by proxy_ssl_certificate.
Just put both certificates together like
cat client.cert intermediate.cert > client+intermediate.cert
Than it worked.
theres really nothing helpful in this logs.
After doing a traffic capture together with the backend provider, following was figured out.
Our Client Cert was signed by an intermediate certificate. The Backend checked against the root ca certificat.
So we need to send the intermediate certificat together with the client cert in a file included by proxy_ssl_certificate.
Just put both certificates together like
cat client.cert intermediate.cert > client+intermediate.cert
Than it worked.