Welcome! Log In Create A New Profile

Advanced

Nginx auth_request pass through client SSL certificate

Posted by spacerobot 
spacerobot
Nginx auth_request pass through client SSL certificate
January 30, 2018 04:40AM
We use auth_request right now and it works great. However, we are making a
change that the authentication server in the future will only take SSL
requests and it also verifies client certificates. I couldn't seem to find
information online about how to pass through client SSL certificate when
using auth_request.

Current configuration:

location = /_auth {
internal;
proxy_method POST;
proxy_pass http://authentication-service;
}


Now that the authentication service is https only and it requires client SSL
cert verification as well. By only changing to

proxy_pass https://authentication-service;

doesn't work because it doesn't pass through the client SSL information from
the original request. I tried adding proxy_set_header for the X-SSL-CERT
header with $ssl_client_cert and it didn't work properly.

What's the best way that would allow me to continue to use the auth_request
module but allow passing through client SSL information from the original
request to the upstream?

Thanks!

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278291,278291#msg-278291

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Sorry, only registered users may post in this forum.

Click here to login