We use auth_request right now and it works great. However, we are making a
change that the authentication server in the future will only take SSL
requests and it also verifies client certificates. I couldn't seem to find
information online about how to pass through client SSL certificate when
using auth_request.
Current configuration:
location = /_auth {
internal;
proxy_method POST;
proxy_pass http://authentication-service;
}
Now that the authentication service is https only and it requires client SSL
cert verification as well. By only changing to
proxy_pass https://authentication-service;
doesn't work because it doesn't pass through the client SSL information from
the original request. I tried adding proxy_set_header for the X-SSL-CERT
header with $ssl_client_cert and it didn't work properly.
What's the best way that would allow me to continue to use the auth_request
module but allow passing through client SSL information from the original
request to the upstream?
Thanks!
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,278291,278291#msg-278291
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
