Welcome! Log In Create A New Profile


Backend with client certificate authentication

Posted by hbellahc 
Backend with client certificate authentication
November 14, 2018 11:36AM

I have an application (EJBCA) which is installed in wilfdly 10 version.

This application requires a client certificate authentication.

I need to put nginx in front and I have some issue to forward the client certificate to the application.

Here is my configuration :

location /ejbca/adminweb {
proxy_pass https://<ip>:<port>/ejbca/adminweb ;

proxy_set_header SSL_CLIENT_CERT $ssl_client_cert ;
proxy_set_header SSL_CIPHER $ssl_cipher ;
proxy_set_header SSL_SESSION_ID $ssl_session_id ;

In wildfly side (in undertow subsystem) I added an attribute certificate-forwarding :

<http-listener name="http" socket-binding="http" certificate-forwarding="true" redirect-socket="httpspriv"/>

But I still have a Bad Gateway error.

Any idea ?

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 94
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready