Nginx ssl

I have 2 Nginx servers server1 and server2 . server1 requires client ssl verification. server2 proxies all request to server1

The problem is while i am trying to access my service directly from server1 the browser asks my client certificate and it works fine

But from servier2 it always gives error "400 Bad Request. No required SSL certificate was sent"

server1 nginx config is

server {
listen       443;
server_name  server1 ;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_client_certificate /etc/nginx/client_keys/keys.crt;
ssl_verify_client on;
ssl_verify_depth 1;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;

location / {
    proxy_pass https://some-service;
}
}

server2 nginx config is

server {
listen       443  default_server;
server_name  server2;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_client_certificate /etc/nginx/client_keys/keys.crt;
location / {
    proxy_pass https://server1;
}
}

---

At the moment, that is not supported in nginx. But there is senginx[1], it's proxy module is extended to support client certificate handshake with origin server.

[1] http://www.senginx.org/en/index.php/Proxy_HTTPS_Client_Certificate

链接地址: http://www.djcxy.com/p/21470.html

上一篇: 将文件内容从android重定向到计算机

下一篇: Nginx的SSL