[英]Nginx proxy_ssl_certificate not working as expected
I'm using nginx as a proxy to a backend server. 我正在使用nginx作为后端服务器的代理。 The backend server is also using nginx and enforcing client certificate authentication using the ssl_client_certificate
and ssl_verify_client
directives. 后端服务器还使用nginx并使用ssl_client_certificate
和ssl_verify_client
指令来强制客户端证书认证。
In my nginx server I set the following: 在我的nginx服务器中,设置以下内容:
location /proxy {
proxy_pass https://www.backend.com;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ssl_certificate /etc/nginx/cert/client.crt;
proxy_ssl_certificate_key /etc/nginx/cert/client.key;
}
according to the nginx docs . 根据Nginx的文档 。
However, the backend is still responding with a 400 reponse code "No required SSL certificate was sent"
. 但是,后端仍以400响应代码"No required SSL certificate was sent"
响应。
Note that when issuing requests to the backend server using wget with the client certificate, I get a valid 200 OK response: 请注意,使用带有客户端证书的wget向后端服务器发出请求时,我得到一个有效的200 OK响应:
wget --certificate=/etc/nginx/cert/client.crt --private-key=/etc/nginx/cert/client.key https://www.backend.com
What am I missing in my nginx configuration? 我的Nginx配置中缺少什么?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.