I am in the process of configuring client side certification between 2 websites. example1.com and example2.com. example1.com will be accessing example2.com
I have created my certificate store and have added the following code to vhost for example2.com
ssl_client_certificate /home/user/ca.crt;
ssl_verify_client on;
When I access example2.com from a browser I get
400 Bad Request
No required SSL certificate was sent
- so this bit looks like it's working. If I add the cert to the browser and access the site then it works.
On the vhost for example1.com I have added the following, together with the locations of the SSL client cert I created in the previous step.
location /upstream {
proxy_pass https://example2.com;
proxy_ssl_certificate /etc/nginx/ssl/user.crt;
proxy_ssl_certificate_key /etc/nginx/ssl/user.key;
proxy_ssl_server_name on;
}
Is there anything else that I need to add in?
I have created my certificate store and have added the following code to vhost for example2.com
ssl_client_certificate /home/user/ca.crt;
ssl_verify_client on;
When I access example2.com from a browser I get
400 Bad Request
No required SSL certificate was sent
- so this bit looks like it's working. If I add the cert to the browser and access the site then it works.
On the vhost for example1.com I have added the following, together with the locations of the SSL client cert I created in the previous step.
location /upstream {
proxy_pass https://example2.com;
proxy_ssl_certificate /etc/nginx/ssl/user.crt;
proxy_ssl_certificate_key /etc/nginx/ssl/user.key;
proxy_ssl_server_name on;
}
Is there anything else that I need to add in?